igor - Fotolia
My company uses devices to provide telematics information to manage a fleet of vehicles. I found out these devices may not authenticate SMS messages. What is the best way to build a layer of defense around telematics information?
It's likely your company has been using CalAmp LMU-3030 series products to provide vehicle tracking devices. They include an SMS interface on both code division multiple access (CDMA) and Global System for Mobile communication (GSM) versions.
Managers of fleets of vehicles rely on SMS messages for telematics information on road transportation, road safety, sensor outputs and vehicle maintenance history. For example, vehicles carrying temperature-sensitive drugs and food have their temperatures tracked. The company must meet regulatory compliance on quality assurance and delivery requirements.
Unfortunately, SMS messages, by default, are not password-protected; in fact, the National Institute of Standards and Technology last year recommended that SMS authentication as a second factor be deprecated.
In this case, an attacker could dial in without entering a password. Getting the phone number of the CalAmp is easy with an international mobile subscriber identity (IMSI) catcher. This is a telephony eavesdropping device used to identify users in network traffic. For GSM (and LTE networks), the phone number is provisioned in the SIM card. CDMA2000 is an analogue to a SIM card for GSM.
This password vulnerability can enable the attacker to send administrative commands to the CalAmp device. The attacker could remotely update the firmware with malicious code that could affect the controller area network bus of the vehicle. Fake IP addresses could be configured, firewall rules could be changed and passwords could be created to block the victims.
A malicious SMS message, for example, would show wrong routes, incorrect speeding data, tainted fuel consumption data and confusing maintenance history. The victim would get an alert that a driver who always wears a safety belt was not wearing it while driving. Mechanics would get engine codes to fix the wrong problem.
To build a layer of defense around telematics information, the company should:
- have password protection or disable the SMS interface;
- upgrade to the latest firmware from CalAmp; and
- work with a service provider or systems integrator in complex supply chains to make these changes.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Find out how secure cellular data transmission actually is
Discover whether or not SMS two-factor authentication is really good enough for enterprises
Learn how the internet of things and telematics pose new opportunities for insurers
Dig Deeper on Two-factor and multifactor authentication strategies
Related Q&A from Judith Myerson
GE reported an improper authentication flaw in its PulseNet network management software for critical infrastructures. Discover how this flaw works ... Continue Reading
Researchers claim to have found a new attack against VMs that affects SEV technology. Expert Judith Myerson explains what this attack is and how it ... Continue Reading
The Wi-Fi Alliance released the updated WPA3 protocol, adding security enhancements to the Wi-Fi access process. Learn why enterprises should update ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.