diff options
author | ronan [iot.bzh] <ronan.lemartret@iot.bzh> | 2017-07-11 10:12:26 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-07-11 10:12:26 +0200 |
commit | f7196ecbd2f587781539f8dadd3f1c2a77dff9d5 (patch) | |
tree | 19e2ca3da6ac57846b0d24b8959cc43dc57ce5c6 /sec-blueprint/04-adversaries.md | |
parent | 86fce9c3efcc48b94710e2f56b1c78bdc9b79263 (diff) | |
parent | 12682a6df639e61132fb6b4064edf4b931f31579 (diff) |
Merge branch 'master' into master
Diffstat (limited to 'sec-blueprint/04-adversaries.md')
-rw-r--r-- | sec-blueprint/04-adversaries.md | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/sec-blueprint/04-adversaries.md b/sec-blueprint/04-adversaries.md index 8740ae5..1dd4758 100644 --- a/sec-blueprint/04-adversaries.md +++ b/sec-blueprint/04-adversaries.md @@ -1,5 +1,7 @@ This section lists some of the adversaries and attackers in Automotive. -## Enthusiast Attackers: + +## Enthusiast Attackers + Enthusiast attackers have physical access to the Engine Control Units (ECUs) at the circuit board level. They can solder ‘mod chips’ onto the board and have access to probing tools. They also have @@ -9,14 +11,16 @@ This section lists some of the adversaries and attackers in Automotive. could be, but is not limited to, adding extra horse power to the car or hacking it just for fun. -## Corrupt Dealers: +## Corrupt Dealers + These are attackers that have access to the same capabilities as enthusiasts, but also have access to the car manufacturer's (OEM) dealer network. They may also have access to standard debugging tools provided by the car manufacturer. Their goal may be to support local car theft gangs or organized criminals. -## Organized Criminal: +## Organized Criminal + Organized Criminals have access to all of the above tools but may also have some level of control over the internal network at many dealerships. They may have hacked and gained temporary @@ -26,7 +30,8 @@ This section lists some of the adversaries and attackers in Automotive. Their goal is to extort money from an OEMs and/or governments by threatening to disable multiple vehicles. -## Malware Developers: +## Malware Developers + Malware Developers have developed malicious software to attach and compromise a large number of vehicle. The malicious software would usually be designed spread from one vehicle to another. @@ -34,11 +39,11 @@ This section lists some of the adversaries and attackers in Automotive. access to them for malicious purposes like denial-of-service (DoS) attacks or stealing private information and data. -## Security Researchers: +## Security Researchers + These attackers are ‘self-publicized’ security consultants trying to make a name for themselves. They have access standard tools for software security analysis. They also have physical access to the vehicle and standard hardware debugging tools (Logic Analyzers, Oscilloscopes, etc). Their goal is to publicize attacks for personal - gains. - + gains.
\ No newline at end of file |