Initial Access

The adversary is trying to get into your vehicle.

Domain
Automotive
Rail
Technique-ID Title Description
ATE-012 Radio Data System (RDS) Attacks

RDS attacks involve tricking victims into installing a benign-looking app that uses the RDS interface. Initially, this app exhibits no malicious behavior. After installation, the app dynamically downloads a backdoor, reassembling RDS packets to execute the payload. The exploit remains undetected because antivirus software cannot scan runtime downloads. The attack bypasses the Android security checks of the vehicle's infotainment system by exploiting vulnerabilities in the FM Radio API.

ATE-013 Malicious SMS

An attacker can unlock a car and control other critical functions through malicious SMS.

ATE-014 Exploitation of Wi-Fi Stack

Attackers target vulnerabilities within the vehicle's Wi-Fi communication stack, gaining unauthorized access or control.

ATE-015 Gain access to Wi-Fi Hotspot

Attackers exploit vulnerabilities or weak configurations in a vehicle's onboard Wi-Fi system.

ATE-016 Exploitation via Bluetooth

Vulnerabilities in the Bluetooth stack may allow an attacker to execute code and gain access to the system.

ATE-017 Exploitation via C-V2X

Attackers target vulnerabilities within the vehicle's C-V2X communication system, which facilitates information exchange between vehicles and infrastructure. This could potentially also compromise safety and traffic management systems.

ATE-018 Exploitation via DSRC

Attackers target vulnerabilities within the vehicle's DSRC system, used for V2V and V2I communications. Attackers can interfere with critical safety functions and traffic coordination.

ATE-019 Exploitation via Repair Shop/Garage/Factory

Attackers leverage compromised systems within vehicle repair shops, garages, or factories. By exploiting these vulnerabilities, attackers can gain unauthorized access to the vehicle's systems, allowing them to introduce and execute malicious software.

ATE-020 Exploitation of OBD Dongles

An OBD dongle connects to a vehicle's OBD interface. This interface is present in all modern automotive vehicles and is used for vehicle diagnosis and monitoring. Dongles can communicate via Wi-Fi, Bluetooth, LTE, or 5G and can be accessed from the Internet. An attacker could transfer malicious software to the OBD dongle to later gain access to the vehicle or compromise the control units.

ATE-021 Hardware addition

NA

ATE-021.01 Physical Access (CAN-Injection)

An attacker plugs his own hardware into the system or network as a "theft device".

ATE-021.02 Connect device network via USB-Ethernet

An attacker can plug in a USB flash drive that acts like a LAN cable to gain Ethernet access to the system.

ATE-021.03 Code Execution via USB

Malicious code or malware runs when a USB device or memory card is connected. Many computers and devices are configured to automatically run software after connecting a USB device or memory card. The malicious code is executed and attackers can then gain access to a system.

ATE-021.04 Code Execution via SD Card

Attackers introduce malicious code into a vehicle's system through an infected SD card, commonly used in navigation or infotainment systems.

ATE-021.05 Code Execution via CD

Attackers exploit vulnerabilities by inserting a CD with malicious code into the vehicle's audio or infotainment system, potentially gaining unauthorized access to connected systems.

ATE-022 Exploitation via OBD Interface

The OBD interface is a physical or wireless interface usually used by authorized mechanics or diagnostic equipment to access the vehicle's diagnostic data. Attackers can connect devices to the OBD interface and access and manipulate the vehicle's ECUs to introduce malicious software into the vehicle. This allows attackers to gain access later and even control the vehicle remotely.

ATE-023 Supply Chain Compromise

Products, software, and workflows are initially infected or counterfeited. They are manipulated before reaching the end consumer and are then utilized to gain access to control systems. The ultimate objective is to compromise data or systems once infected products enter the target environment.

ATE-024 Unsecured Web APIs

The increasing use of APIs in vehicle systems provides entry points for adversaries. Unsecured APIs provide opportunities for adversaries to exploit them.

ATE-025 Hacking in-vehicle apps

Adversaries exploit vulnerabilities or security gaps in the software applications integrated into a vehicle. These can be web browsers, multimedia applications, or navigation apps.

ATE-026 Malicious App Delivery

Adversaries can trick, manipulate, or deceive users into installing malicious applications. This can be achieved through fake e-mails / websites / notifications / advertisements. Users believe that they are downloading a legitimate application when in fact they are receiving malware. Although app stores have strict security policies and reviews for published apps, some malicious apps can still bypass these reviews and appear in the official stores.

ATE-027 Drive-by Compromise

Attackers can install malicious code or malware on a victim system when the user visits an infected website without the user having to actively click anything or download a file. This technique exploits vulnerabilities in web browsers, browser extensions or plugins to deliver the malicious payload to the victim's system.

ATE-028 Exploitation via charging station

Attackers exploit vulnerabilities in electric vehicle supply equipment (EVSE) or its communication protocols to gain unauthorized access to the vehicle's systems.

ATE-029 Keyless Go Attacks

NA

ATE-029.01 Replay Attack

Attackers capture legitimate Keyless Go signals and retransmit them to deceive the system.

ATE-029.02 Relay Attack

Relay Attack is an extension of the replay attack. Attackers relay the original signal and transmit signals between the vehicle and its key fob, deceiving the system into believing the key is in closer proximity, thereby enabling unauthorized access or ignition.

ATE-029.03 Roll Jam Attack

Attackers intercept and delay the signal transmitted by a key fob, causing a temporary disruption in the communication between the key and the vehicle.

ATE-029.04 Roll Back Attack

Attackers manipulate the sequence numbers or timestamps of the signals sent by the key fob. By "rolling back" these values, attackers can replay previous legitimate signals, deceiving the vehicle's security system and potentially gaining unauthorized access.

ATE-079 Exfiltration via Removable Media

Attackers use external storage devices, such as USB drives, to physically extract data from the vehicle's systems.