This week, Yuval Weisglass, Senior Director, R&D at HARMAN Automotive Cyber Security – TowerSec, will be presenting on Out of Bounds attacks at ESCAR USA in Detroit. Running June 1-2, ESCAR is the world’s leading automotive cybersecurity conference.  As a leader in securing the connected car, HARMAN will be onsite to discuss the industry’s biggest challenges and opportunities.


Yuval shares insight below regarding Out of Bounds attacks and how HARMAN is implementing solutions that combat these attacks and further the development of the connected car.

Cyber security is without question a headache for OEMs and a roadblock preventing the proliferation of the connected car. No manufacturer wishing to offer a connected experience is immune to the threat of intrusion. Traditional detection and firewalling techniques are the starting point but more fundamental issues may have been overlooked, and preventing access to the car in the first place might be the best place to start.

From the hackers’ point of view, their objective is to find a vulnerable access point. Next, they need to exploit it by getting access via a communication portal. Such attacks, known as Out of Bounds (OOB), are surprisingly easy to implement.

There are a good number of ways to access the car: an International Mobile Subscriber Identity (IMSI) catcher is a very inexpensive device that a hacker can acquire to set up a fake cell network and disguise it as a safe or genuine communications provider. By doing this, hackers can use this network to send malicious signals to the car. Another way is through SMS spoofing, where messages from what looks like a valid number are hiding a connection to a malicious server.

To realize that, we used a head unit that had another layer of security to prevent any false messages from passing through and check the aforementioned attack vectors. We were able to breach this layer without much trouble. Nothing critical to the car’s operations or driver safety was affected, but we could sound the horn and lock the doors.

It’s clear that OEMs need to stop hackers getting through a communications channel from the start. Options exist such as robust heuristic algorithms that can detect if a communication comes from an authentic source, comparing information to look for clues that might point towards a potential OOB attack.

With existing solutions like TCUSHILED and ECUSHIELD, which can be retrofitted, it is possible for us to move to a more preventative stance, but we need to act together - and soon - to retain consumer confidence and momentum for connected car innovation.