how it works and how to defend yourself

More and more cars are connected to smartphones and the internet and this is opening the door for hackers. Here are the tips Domenico Raguseo, cybersecurity director for Exprivia

Giuseppe Croce

– Milan

“The Internet is made to be easy to use, not to be safe, and today our cars are connected to the Internet.” With these, a few but very clear words from the engineer Domenico Raguseo, cybersecurity director for Exprivia, it is possible to sum up the problems of car safety in 2022 to the extreme. But not only, because as Raguseo explained to “attack” a vehicle it is not, it does not even need to be connected to the Internet: just a USB stick, or just connect it to your phone via Bluetooth. Exprivia – listed – is the leader of an international group specializing in information and communication technology based in Molfetta, in the province of Bari, with a turnover of over 180 million and approximately 2,400 employees. It is also involved in the development of security systems for banking, medicine, industry, telecommunications, public administration and more recently the automotive sector has been added. With this know how working, like other companies in the sector, to make our cars safer (in the IT sense), which, as Raguseo explains, are now real “data centers on wheels”. Recently, Exprivia delivered Macnil Technology Solutions, a company that produces a famous car alarm, the technology needed to create a new Soc. It is a Security Operation Center, a place where millions of information physically comes from the alarms installed by Macnil across Europe. This data is used to find out if an attack on a vehicle is underway, an eventuality now not as rare as one might think.

to prevent

“Before talking about computer security in the car – explains the Cybersecurity Director of Exprivia – it is necessary to understand that the whole security issue is concentrated in three phases: preventing an attack, detecting the ongoing attack, responding to the attack”. To prevent an attack, according to Raguseo, it is important to use the best and most up-to-date devices and software, but also to implement proper behavior. “The most incredible thing is that most cyberattacks stem from the old, but still valid, phishing technique: the hacker throws a lure, and the user takes the lure by downloading a file or engaging in dangerous behavior.” But what does phishing (and thus computers and smartphones) have to do with cars? It has a lot to do with it, because cars are more and more often connected to smartphones and smartphones can be used as a lock selector to get into the car software: “If I want to attack a car, but I know the car is connected to the smartphone – continue Raguseo – I better connect my smartphone: it’s more comfortable and easier, I get the same result with less effort “.

to discover

The second phase of cyber security in cars is to detect that there has been an attack. And here things get complicated: If our cell phone has caught a virus, very often, we quickly notice it from abnormal behavior. For example, “strange” web pages open, money disappears from the credit card we use to buy online, the mobile phone slows down, freezes or shuts down for no apparent reason, or starts sending messages to our contacts found in the address book. However, if the attack is against a car, there are no such obvious signs. But they are there, and with certain technological methods and tools, it is possible to detect that the car is under attack. “Today’s cars are filled with sensors, actuators and controllers that communicate with each other and with the outside, via Bluetooth, WiFi or calling cards. These communications are almost always normal, as is the case when the car recognizes the driver. Approaching. With the key “in the pocket: there is an exchange of legitimate radio signals between the car and the key, where the car recognizes the key and opens the door. Other times they are not normal and that means something abnormal is happening, it is dangerous”. Raguseos and the team he leads are tasked with creating technologies that enable those who control the car or its security systems, such as the alarm, to automatically detect if something strange is happening inside or around the vehicle, and if this is done in order to respond in the most appropriate, timely and effective manner. In other words: to respond to the attack.


Response management, explains the Exprivia manager, is as complex as the two previous phases, because in addition to being efficient, it must also be acceptable to the driver. “It would be easy to react to an attack, or an alleged attack, simply by blocking the car on and off all computer systems, but it is not always what the user expects, who in addition to the computer systems need the car to get around” . For this reason, the Apulian company has started using a lot of artificial intelligence to better control the data collected and sent by the cars and prepare a wide range of “Use Cases”, ie typical cases of use of the vehicle (potentially) attacked and an equally wide range of possible reactions and countermeasures. Also, thanks to AI, there is one type of reaction rather than another, to avoid false positives while keeping the vehicle usable as much as possible, even if the attack is very likely, or even safe.

what we risk

In light of all this, the reader who has come this far will wonder what the risk is in practice. The answer is very clear: if cars are and are becoming more and more connected, the cybersecurity of cars is an issue that interests everyone and that no one should underestimate. Anyone who has access to a car that is not his own actually knows where he is going, where he stops to eat, sleep, whether he is going to the cinema or the theater, if he has a family, partner or companion , the owner or the right of use of the car. . And in addition to knowing something, he can do anything: he can open the car, go in to steal or hide items, such as a bug or a transmitter. It can tamper with the car, in all its parts controlled and controlled by an electronic system. It can even prevent you from using it, the car, by asking for a ransom. This is already happening with computers and smartphones, they are called “ransomware” and are computer viruses that encrypt all device data, making them unreadable. The hacker, after rendering the device unusable, asks the user to pay a ransom to “unlock” the data. A hacker who managed to “enter” the car’s ECU could easily encrypt all data, making the mapping unreadable, thus preventing the engine from starting. Physical replacement of the control unit, depending on the car, usually costs between 1,000 and 3,000 euros, excluding labor. If one day while drinking coffee in the morning you receive a message on your mobile phone telling someone that your car in the garage today will not turn on unless you also offer him a 500 euro coffee, what would you do? Now just think of a company fleet, with 1,000 or more cars in circulation throughout Italy and perhaps abroad, all of which stop at the same time and do not want to leave again because someone no longer has enough coffee and wants to bid on the whole dinner. .

how to defend oneself

In light of all this, which is not science fiction, but which is already absolutely possible (ransomware are the same viruses that have been attacking Italian regions and companies for months), it may be appropriate to help Domenico Raguseo and his colleagues help drivers better, to put a short series of simple but important movements in place. “The most important thing is to be aware of connectivity options,” explains Raguseo. from a very common USB stick “. It should not be forgotten that if Bluetooth is used to connect the phone to a sharing car, for example a sharing car or a rental car, the next person boarding can download a lot of data and tracks left behind. telephone. Then pay attention to the apps installed in the car and in the phone connected to the car: Apps execute codes, commands, and if tampered with, they can attack the vehicle. A theme, namely the safety of apps related to cars, which will only become more important in the coming years, with the proliferation of electric cars and charging apps.

Leave a Comment