A field manual on contextualizing cyber threats, vulnerabilities, and risks to connected cars through penetration testing and risk assessmentHacking Connected Cars deconstructs the tactics, techniques, and procedures (TTPs) used to hack into connected cars and autonomous vehicles to help you identify and mitigate vulnerabilities affecting cyber-physical vehicles. Written by a veteran of risk management and penetration testing of IoT devices and connected cars, this book provides a detailed account of how to perform penetration testing, threat modeling, and risk assessments of telematics control units and infotainment systems. This book demonstrates how vulnerabilities in wireless networking, Bluetooth, and GSM can be exploited to affect confidentiality, integrity, and availability of connected cars.Passenger vehicles have experienced a massive increase in connectivity over the past five years, and the trend will only continue to grow with the expansion of The Internet of Things and increasing consumer demand for always-on connectivity. Manufacturers and OEMs need the ability to push updates without requiring service visits, but this leaves the vehicle's systems open to attack. This book examines the issues in depth, providing cutting-edge preventative tactics that security practitioners, researchers, and vendors can use to keep connected cars safe without sacrificing connectivity.Perform penetration testing of infotainment systems and telematics control units through a step-by-step methodical guideAnalyze risk levels surrounding vulnerabilities and threats that impact confidentiality, integrity, and availabilityConduct penetration testing using the same tactics, techniques, and procedures used by hackersFrom relatively small features such as automatic parallel parking, to completely autonomous self-driving cars--all connected systems are vulnerable to attack. As connectivity becomes a way of life, the need for security expertise for in-vehicle systems is becoming increasingly urgent. Hacking Connected Cars provides practical, comprehensive guidance for keeping these vehicles secure.


Alissa Knight has worked in enterprise risk management for over 18 years, beginning her career in red team penetration testing on the offensive side of IT security and blue team defensive strategies through intrusion analysis, incident response, and forensics. For the last 4 years, she has focused her research and development in performing dozens of penetration tests against connected cars for manufacturers and OEMs in the United States, Middle East, Europe, and Asia. Alissa has been speaking at conferences in Europe and Asia on performing penetration testing against connected cars and autonomous vehicles while working with the automakers and OEMS in treating those risks. She is the Group Managing Partner of Brier & Thorn, Inc. in the Americas leading their connected car division which she set up while working for Brier & Thorn Germany in the automobile corridor.