summaryrefslogtreecommitdiffstats
path: root/sec-blueprint/02-adversaries.md
diff options
context:
space:
mode:
Diffstat (limited to 'sec-blueprint/02-adversaries.md')
-rw-r--r--sec-blueprint/02-adversaries.md62
1 files changed, 0 insertions, 62 deletions
diff --git a/sec-blueprint/02-adversaries.md b/sec-blueprint/02-adversaries.md
deleted file mode 100644
index 3ece5bb..0000000
--- a/sec-blueprint/02-adversaries.md
+++ /dev/null
@@ -1,62 +0,0 @@
----
-
-title : Adversaries
-date : 2017-07-07
-category: security
-tags: security, architecture, automotive, linux
-layout: techdoc
-
----
-
-**Table of Content**
-
-1. TOC
-{:toc}
-
-This section lists some of the adversaries and attackers within the
-Automotive space
-
-# Enthusiast Attackers
- Enthusiast attackers have physical access to the Engine Control
- Units (ECUs) at the circuit board level. They can solder ‘mod chips’
- onto the board and have access to probing tools. They also have
- information on ECUs that have been previously compromised and have
- access to softwares and instructions developed by other members
- of car modification forums. The goal of the enthusiast hacker
- could be, but is not limited to, adding extra horse power to the
- car or hacking it just for fun.
-
-# Corrupt Automotive Dealers
- Corrupt automitive dealers are attackers that have access to the
- same capabilities as enthusiasts, but also have access to the car
- manufacturer's (OEM) dealer network. They may also have access to
- standard debugging tools provided by the car manufacturer. Their
- goal may be to support local car theft gangs or organized criminals.
-
-# Organized Criminals
- Organized criminals have access to all of the above tools but may
- also have some level of control over the internal network at
- many dealerships. They may have hacked and gained temporary
- control of the Over-The-Air (OTA) servers or the In-Vehicle
- Infotainment (IVI) systems. This is very much like the role of
- organized criminals in other industries such as paid media today.
- Their goal is to extort money from OEMs and/or governments by
- threatening to disable multiple vehicles.
-
-# Malware Developers
- Malware developers have developed malicious software to attack
- and compromise a large number of vehicles. The malicious software
- is usually designed to spread from one vehicle to another.
- Usually, the goal is to take control of multiple machines and then sell
- access to them for malicious purposes like denial-of-service (DoS)
- attacks or theft of private information and data.
-
-# Security Researchers
- Security researchers are ‘self-publicized’ security consultants trying
- to make a name for themselves. They have access to standard tools for
- software security analysis. They also have physical access to the
- vehicle and standard hardware debugging tools (Logic Analyzers,
- Oscilloscopes, etc). Their goal is to publicize attacks for personal
- gain or just to gain personal understanding with a sense of helping make
- things more secure.
-