Global cybersecurity experts at BlackHat Middle East and Africa's (BlackHat MEA) three-day annual cybersecurity and hacking convention in Riyadh, Saudi Arabia, were surprised when Vikash Chaudhary, CEO of HackersEra, India's first vehicle PenTest company, gave a detailed presentation on his latest research on automotive security tools for CAN Bus hacking called "HackersEra V1."
BlackHat MEA formerly @HACK is a three-day cybersecurity and hacking convention that annually takes place in Riyadh, Saudi Arabia, during Riyadh Season. It is one of the largest conventions in the cybersecurity and hacking industry in the world. It is co-organized by the Saudi Federation for Cybersecurity, Programming and Drones (SAFCSP), and Informa tech. The event was designed in association with the BlackHat Team.
Vikash Chaudhary was invited to the BlackHat MEA as a speaker on ‘Methods of Attack for the Pursuit of CAN Bus Protocol’ following HackersEra's years-long research on automotive security and the designing of the security tool for CAN Bus hacking.
“It was a great opportunity for me to give a detailed presentation to the global cybersecurity experts and industry leaders on the methodology and tool for the CAN Bus hacking in the automotive industry,” said Vikash Chaudhary, CEO of HackersEra .
“We have named our unique tool as HackersEra V1, which is easy and user friendly, has a maximum attack coverage, is automated for varieties of CAN Bus attacks, etc,”
What is CAN Bus?
The Controller Area Network bus (CAN bus) is the hub of a vehicle's interconnectivity. This is relevant since the car relies on electrical impulses to perform a wide variety of tasks. The car includes various features, including door locks, a speedometer, a gas gauge, brake and gas pedal controls, and more. This network is used by several of these devices for communicating.
An automobile's OBD-II (Onboard diagnostics 2) connector is a port that reads diagnostic trouble codes. When we take our cars in for repairs, the mechanic will often hook a computer into this port to read the problem message. This allows for considerably faster troubleshooting of any difficulties, including those that don't necessarily trigger the check engine light. Access to these ports is typically straightforward. Typically, they are located in one of three places: under the dashboard on the passenger side, behind the steering column, or by the pedals. The OBD-II connector is the point of entry for CAN bus communication.
Chaudhary said, “Cyclic transmission is typically used for sending very important information that many ECUs need all the time. When an ECU needs a specific piece of data, it will send a message with a unique identifier that says that data is needed (remote frame). The ECU that can provide the requested information sends the requested information on the CAN bus, and the requested ECU receives the requested information without using the CAN bus.”
Talking about the plans for CAN Bus hacking, Chaudhary said, “Our plans include the integration of the secure CAN bypassing techniques, CAN IDS bypassing methodologies, and UDS exploitation techniques, which will make HackersEra stand out in the automotive cybersecurity space in the world”