Adversaries may use Valid Accounts to log into a service that accepts remote connections, such as telnet, SSH, and VNC. The adversary may then perform actions as the logged-on user.
This technique leverages the interconnected nature of vehicle systems, which often communicate with each other to perform functions essential to the vehicle's operation. Just as with traditional computing environments, vehicles can be designed with various networked components and services, including infotainment units, telematics, and onboard diagnostic systems that may provide an avenue for lateral movement.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.