Beware the Monolith
Yesterday we were notified of another VF Commodore that was stolen by pushing or towing it away even though it had a CANbus immobiliser fitted (i.e., Ghost/IGLA). And it reminded me of a classic term we use in Cybersecurity - “Monolithic security”.
It boils down to this:
If most people with a VF Commodore have a CANbus immobiliser fitted, thieves will assume that you have a CANbus immobiliser fitted and will just tow it away rather than attempt to use their normal tools to start the car.
We use the term “monolithic” because nearly everyone will have the same protection in place. And so the thieves pivot to a technique that bypasses it.
What to Do?
There is a short version and a long version of this. The short version is to get a good tracking system in place (hi there!). The long version is to layer your security.
Looking at the VF Commodore specifically, here is what we would recommend:
- A good vehicle immobiliser, CANBus or otherwise (hi there!)
  - The immobiliser should also disable the electric park brake switch, or electronic steering lock
- A good GPS tracking system
  - With auto geofence alarms
  - With ignition notification
  - With towing alarms
  - With real-time tracking capabilities
  - With a backup battery
  - Tied into the immobiliser if possible
- If the vehicle is really valuable, a secondary (standby) GPS tracker powered by an internal long-life battery
Closing thoughts
Attack and defense is a constantly evolving game. An attack appears and is very successful, followed by a defense which is very successful, followed by the attacker pivoting to a new technique (which is very successful!) and so on.
As players in the defense market, we of course are always trying to make the sale, and it is easy to fall into the trap of saying something can’t be defeated or bypassed. Everything can be defeated with enough time. Honestly, we’re surprised that some enterprising fellow or team hasn’t found vulnerabilities in Ghost/IGLA that could also be exploited via CANBus. It is improper thinking to suggest that one could not exist. It is better thinking to suggest that one may exist but just hasn’t been found or attacked yet.
We don’t believe there is a known vulnerability in Ghost or IGLA though. If there was, we’d likely hear about it, because it’s not like your average thief on the street is good at keeping secrets.
So in summary…
Avoid the Monolith and layer your security.