Analysis: How F1 is fighting off the hackers
In the blink of an eye, computer hackers could wreak havoc in a Formula 1 team. Here's how technology giants have joined the fight to counter that threat.
XPB Images
Ever since Mark Webber's Red Bull car ground to a halt at the inaugural 2008 Singapore Grand Prix with gearbox failure attributed to electrical interference from an underground line, Formula 1 teams have always taken extra precautions around the Marina Bay circuit.
The exact cause of the electrical signals remains open to debate, but it highlights how teams have always to be mindful about the potential of an external force playing havoc with a car's electronics, for a wrong signal at the wrong time can mean instant retirement.
But in the modern ultra-connected world we live in, the threat posed by a part of a Singapore track pales into insignificance compared to the chaos that modern day hackers could create if they were able to get inside an F1's electronics black box.
Open doors
It's why companies like anti-virus giants Kaspersky Lab have thrown themselves into F1 with Ferrari - because the technology progress, high-profile compeition and cost of things going wrong makes the sport an arena like no other.
For Kaspersky's chief sales officers Alexander Moiseev, the sophistication of hackers means that if an F1 team dared try to run without strong protection, then the danger is not only losing data, but in having its car put under someone else's control.
"I don't want to create a black sky, but technically without protection, the doors are open," Moiseev tells Motorsport.com.
"All teams have their own IT departments, they have security and knowledge themselves but protection is fundamental.
"We have done a huge work with Ferrari over a year and a half. We learned a lot to adjust the product and create solutions. We did a lot of education in terms of cyber security because their way of seeing threats was different from what we do.
"If they lived without protection, it would be like if you have a perfect home and put no locks on the door. Would it be easy to access it?"
Growing threats
Many of the sophisticated hacker groups are interested in either scaring people or getting money, but equally some would get satisfaction from simply bringing down an F1 team.
Moiseev says the threats are ever increasing, and it is a never-ending task for his company to stay on top of things.
"If you try to analyse the number of threats and targeted attacks that are happening over a weekend, they are happening because there are more people and bigger crowds – so it is really extreme for our protection system," he said.
"The protection for the team starts at the pit wall and ends up at the tracks and with the factory itself. Then of course, the data itself – it is very vulnerable. It is always under attack, the question is how the bad guys will decide to attack it."
Moiseev says that his company not only has to fight off potential risks of hackers bringing down car systems, but also wreaking havoc with entire computer systems.
"There are different sorts of attacks. Consider, for example, the 'DOS' attack. As an example, if you have a phone and I call you, I disable the service for other incoming calls. You can enable a second line but if someone else calls you as well, then you have denial of service [DOS].
"With an Internet service, you have millions of lines to come in to read the website. But if you create a bottleneck and hack many, many computers and command them to go the website, you basically create a denial of service to the website and it doesn't work. This is called DOS attack.
"It is something that is becoming quite common and, for teams, it is much more sensitive to be service enabled. They cannot have DOS – the service must always be live."
Team hacks
But it is not just criminals or troublemakers that those in F1 are having to watch out for, because if teams were left unchecked then the temptation to hack into systems for competitive gains would be too much for some not to act.
Since 2008, F1 teams have all had to use a standard ECU supplied by McLaren Applied Technology, and great efforts have been made to ensure that it is tamper proof.
The processors inside F1's ECU are supplied by Freescale, and the American company is well versed in understanding how in the past, in other categorie,s some nefarious behaviour was going on.
Freescale's Peter Highton, who is heavily involved in the F1 project, said: "If you have physical access to something, you can spend a lot of time and probably hack your way in there, but it would take months and a lot of effort.
"We went through a situation 10-15 years ago where we found people were playing with standard ECUs to get them into a vulnerable state [so they could be hacked].
"The way to do it was to play around with the voltage. So you would drop the voltage very low and bring it back up again, and it would put the ECU into a reset mode. At this point they could put a debugger in and say, 'oh it is just starting to run code now'.
"So they could hack in before the system had started running properly. What we've now done is build into chips to look into strange voltage variations, strange clock variations and tampering. Even there, we have tried to make it as physically difficult as possible to get into it.
"The latest devices, if they see a tamper, will just erase something. There will be nothing to debug…"
In F1, of course, the ECUs will not be wiped. Any such bad behaviour will simply flash up with the FIA and the troublemakers will be outed. Intricate systems have also been put in place to ensure that any software teams use themselves is not cleverly getting around the rules.
Tim Stafford, commercial director of McLaren Applied Technology, said: "Our company has worked closely with the FIA to develop techniques and security mechanisms that the FIA can satisfy themselves that they have a secure system to allow the teams to run cars but prevent driver aids they don't want them to run.
"If you look inside a garage, the software running on a laptop for a particular car is licenced specifically for that team. The data off that laptop in someone else's garage, they wouldn't be able to talk to the box."
Striving for perfect security
Ultimately, it is about the gamekeepers being one step ahead of the poachers.
As Highton explains: "We have seen road cars that have been hacked, and the way in for those guys was through the infotainment system, which hadn't been secured as much as the mission critical areas. What you really don't want to happen is have someone play around with the way the engine is running.
"We realised years ago that cars had to have the same level of protection as other systems – and the rest of the world is catching up!"
Moiseev concurs: "Unfortunately for us, with the bad guys there are a lot of guys working with good minds. Bad minds in terms of understanding the world but good minds in terms of technology.
"The malware world is really a business, a huge business. But the things they do, the groups they have and the technology they realise, just seeing some samples from what we have on our database, the investment to create such a weapon is huge.
"Some are targeted to release money, some are targeted to scare people – but the investment is huge. Unfortunately, we need to be constantly updated."
And with a more and more connected world – where our smartphones connect to our laptops and our cars – the technology is ever changing.
F1 is not above any of this, but for now it appears the hackers have not yet got through and stopped a car, perhaps because the price of breaking the systems is simply too much.
"There is a definition of perfect security," adds Moiseev. "100 percent security doesn't exist, but perfect security means the investment to get through the security perimeter is higher than the money you can get after. That is the level we have to operate at."
Be part of Motorsport community
Join the conversationShare Or Save This Story
How Haas delivered its F1 "game changer"
Mercedes becomes first F1 team to exceed £500m turnover
The ironic reason Newey thinks Red Bull hasn't been caught in F1 yet
F1 Chinese GP: How to watch, ESPN Formula 1 TV times in USA
How Ferrari has kept itself in the F1 hunt despite no major upgrades
Is Ferrari's revolution closing the gap to Red Bull?
Why MotoGP’s COTA thriller was just what Liberty wanted to see
Why tough love has allowed Fourmaux to reach new WRC heights
Martin: Bagnaia still MotoGP title favourite in 2024 but fight is wide open
"Complete s***show" - Does the DTM test still make sense in its current form?
What the Chinese GP's highlights reveal about its first F1 race for five years
The secrets of F1 turbocharging explained
Why Alpine’s rigorous training camp yields telling insights into its juniors
The ironic reason Newey thinks Red Bull hasn't been caught in F1 yet
Subscribe and access Motorsport.com with your ad-blocker.
From Formula 1 to MotoGP we report straight from the paddock because we love our sport, just like you. In order to keep delivering our expert journalism, our website uses advertising. Still, we want to give you the opportunity to enjoy an ad-free and tracker-free website and to continue using your adblocker.
Top Comments