Max Yamabiko: Arming against the F1 cyber war

Max Yamabiko discusses the increasing threat of 'cyber warfare' in both F1 and the car industry, and how companies like Kaspersky are arming against it.
Max Yamabiko: Arming against the F1 cyber war

During the 1998 Australian Grand Prix a rather strange occurrence took place

Mika Hakkinen was called into the pits by his McLaren team, only to be presented with an empty pit box. McLaren had not made the call to pit at all. At the time it was attributed to the call being misheard, but there are others - such as Ron Dennis - who consider someone from outside the team made the call.

This low grade 'hack' of a Formula 1 teams critical systems showed how vulnerable they were at the time and with the rise if new electronic technology in every element of Formula 1 today the potential for cyber-crime and espionage is far greater than ever before.

To combat this many teams are now partnering with cyber security specialists, such as Ferrari with Russian firm Kaspersky Labs. The automotive industry is awash with both cyber espionage and malicious threats in a way it has never been before.

"It took us a few years to convince Ferrari to test the product, the solution we had. Now we provide 360 degrees of security at the factory, on the server facility, the racing team," explains Alexander Moiseev, Kaspersky's Managing Director (Europe). "In terms of cyber security Formula 1 is a tiny bit different to other areas in the automotive industry. The data transfer in F1 is faster and the amount is totally different so you need to manage that.'

In cyber security threats are occasionally identified which in reality are not there at all, leading to a programme or line of code being blocked from running or not running properly. On a computer or mobile phone it might just manifest itself as a momentary glitch, but on a grand prix car it could cause the power unit to shut down and force the car out of the race.

"You cannot have a false positive in F1 so the level of protection needs to be right at the top. But in the automotive industry some things are the same too. You no longer hear people speaking about classic threats, old fashioned malware today now there is a trend towards what we call APT, advanced persistent threat. To combat that we need to understand the behaviour of the data and if we see something anomalous we need to react.

"In classic security terms if you see a guy with a gun then that is a threat, but in terms of APT the guy with a gun on a battlefield is not a threat - that is just normal, but a guy with a gun on a beach then that is a threat. Also in that context a small boy in a swimming costume is normal on a beach but a small boy in a swimming costume on the battlefield then that is a problem, it's a threat. That is where cyber security is moving now."

It is no surprise that the cyber security firms are descending on top level motor racing, as its environment of aggressive development, secrecy and competition is simply a smaller, faster moving version of the wider automotive industry. As is the case with Formula 1, the amount of electronic systems on road cars is increasing all the time. Today an F1 driver only directly controls the steering and front brakes without any computer intervention and on some production cars it is even less.

"Connectivity and every advance in that area brings with it new potential threats, you have to look at all the potential entry points for a threat. If you look at a production car today it is a collection of about 40 computers, it is a computer network. Now look at park assist on cars, it steers the wheel, uses the throttle and the brake, all of these operations are controlled by that computer network, so you can understand if that is hacked then it's a problem.

One of the issues for cyber security in both motor racing and the production car industry is that the electronics on the car have been developed simply for vehicle operation purposes, little if any attention has been paid over the years to potential weaknesses in terms of being hacked. Now the cyber security firms are trying to fight back, but it is not an easy battle.

"The electronics on cars are designed for how the car operates on the road, they are not designed with security in mind. So the day they became connected they became very threatened. We do penetration testing when it is required and we look for weak points. In automotive terms we look for obvious openings which need to be protected. There are workarounds in this area but it's a big problem right now across the automotive industry."

While Moiseev avoids detailing exactly how his company works with Ferrari he makes it clear that the Russian firm is critical to the Italian team's security.

"We are deeply embedded with Ferrari, not like a sponsor, we are a pure technical partner. I think Ferrari is the only team which picks its partners not the other way round and this is great for us and gives us huge visibility. But we play a real role, there is a lot of Malware in F1, especially targeted at smart phones. F1 is a lot of people in one place so of course there is a lot of malware going around. But then there is also automotive espionage going on, threats."

Kaspersky's involvement with Ferrari goes deeper than just its racing programmes in F1 and the World Endurance Championship. 'With Ferrari every single device we have to work with it is completely secured. But everything has to be secured, the smart phone of the guy working with the robot on the production line should be secured too otherwise its just another entry point."

Data security is a major focal point in Formula 1 at the moment, not least in response to the news that Mercedes had discovered an outgoing member of staff attempting to steal data in 2015. Despite its efforts to restrict the employee access to confidential data when he handed in his notice, the accused in question still managed to access some sensitive data, even if he was caught before it could be transferred to rival teams.

"360 degrees of software is not enough it needs to be more three dimensional now. Nobody can be perfectly secure, you can't protect against crazy people or disgruntled staff. But the definition of security is that the investment of the break in must be higher than the reward for doing the break in and that is what we achieve' Moiseev counters. "Some of the techniques used by us and used by those making the threats are at the level of state security. It's a strange world we a living through a time of huge innovation and this creates a universe of threats!"

The potential remains that rival teams could (and may already do) attack each other electronically, either to steal data, disrupt production or perhaps even cause power unit or other electronic failures. It is clear that behind the scenes of Formula 1 there is an all out cyber war being fought, and with partners like Kaspersky Labs some teams have the best line of counter measures, protecting their developments.

By Max Yamabiko

Max Yamabiko will bring you a closer look at the technical side of motorsport throughout 2016, from the latest developments and solutions employed to keep you ahead of the game

Read More