Connected Cars: Risks for Automated Vehicles.

Uploaded on 2015-03-26 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY-Key Areas-Internet of Things

broadcom-connectedcar_slide.jpg

Every day more devices are being connected to the Internet and connected cars are growing in number each year. These cars are well equipped with automatic notification of crashes, notification of speeding and safety alerts, but reports suggest that they are prone to cyber attacks because not enough measures have been taken to adequately protect these connected cars from hackers.  
The connected car could make our cloud services, e-mail, text messages, contacts, and other personal, financial, and work data vulnerable to hackers. Burglars could determine vehicle location provided by the vehicle’s e-email, text messages, contacts, and other personal, financial, and work data vulnerable to hackers. Burglars could determine vehicle location provided by the vehicle’s GPS to monitor when a home’s occupants are miles away. Hackers can gain access to vehicle networks and wreak havoc on traffic and even threaten the safety of vehicle occupants.
Connected cars can share information for a C2C (car-to-car) or a C2I (Car-to-Infrastructure) connections in real-time. Cars are becoming part of IoT (Internet of Things). Experts predict that (car-to-car) or a C2I (Car-to-Infrastructure) connections in real-time. Experts predict that IOT risks are going to increase drastically this year. How data is fetched from the Internet or data requests that are going from the car should be analyzed and evaluated. So, the focus is going to be in the cloud.
And with all the time we spend in where cars on the road will automatically swap data such as speed and direction, sending alerts to avoid crashes or traffic snarls. And with all the time we spend in our cars, it makes sense that they should become personalized digital assistants. 
Recently, German auto outfit announced it was sending an over-the-air update to cars featuring its SIM-based ConnectedDrive module. This allows drivers to remotely unlock their car, but the German automobile club ADAC had reverse-engineered the telematics software and warned BMW that a flaw made it possible for third parties to unlock vehicles. The update, which introduces HTTPS encryption to the car’s connection with BMW’s servers, is automatically downloaded as soon as the car module talks to that system.
Hackers were in theory able to dupe the car into unlocking by creating a fake mobile network, according to Reuters. There is no evidence that the flaw has been exploited, though it was present in up to 2.2 million BMWs, Minis and Rolls-Royces. Though, the vulnerability was patched on time by the company, there is always a learning from such an event. The majority of all automakers transmit data to third parties.
Recently, Oracle developed a platform to develop an application for cars using JAVA. Similarly, Qualcomm, AT&T and others are bringing in new platforms exclusively for connected cars. With such great technologies, we are creating a vast new attack surface for the hackers. The future is going to depend on the way we are going to provide Security awareness and security development for these connected cars.
Security Affairs http://bit.ly/1EXU3Y4

 

« 5 Essential Truths of The Internet Of Things
Drones: The Looming Threat »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA)

The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing

Spambrella

Spambrella

Spambrella provides email security with real-time threat protection. 100% SaaS (nothing to install)

CloudHesive

CloudHesive

CloudHesive provides cloud solutions through consulting and managed services with a focus on security, reliability, availability and scalability.

softScheck

softScheck

softScheck is an IT security consultancy. Services range from pentesting and compliance testing to security auditing of software and IT infrastructure.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

Napatech

Napatech

Napatech develops and manufactures high speed network accelerators specifically designed for real-time network monitoring and analysis applications.

Shadowserver Foundation

Shadowserver Foundation

Shadowserver Foundation aims to improve internet security by raising awareness of compromised servers, malicious attackers and the spread of malware.

GE Digital

GE Digital

GE Digital is a leading software company for the Industrial Internet. Products include Industrial Cyber Security for Operational Technology (OT).

Red Snapper Recruitment

Red Snapper Recruitment

Red Snapper Recruitment is a market leading staffing services provider to the law enforcement, cyber security, offender supervision and regulatory services markets.

Patriot Cyber Defense

Patriot Cyber Defense

Patriot Cyber Defense is a Cyber Security and Management Consulting professional services firm.

Onesecure Asia

Onesecure Asia

ONESECURE Asia’s expertise and services are built around its mission to provide reliable, robust and scalable technology solutions to cater for its customers’ needs.

JaCIRT

JaCIRT

JaCIRT is the national Cyber Incident Response Team for Jamaica, established to deliver on the mandate outlined in the GoJ’s National Cyber Security Strategy.

Nitel

Nitel

Nitel is a leading next-generation technology services provider. We simplify the complex technology challenges of today’s enterprises to create seamless and integrated managed network solutions.

SpireTec Solutions

SpireTec Solutions

SpireTec Solutions is an IT management training company offering 1500+ courses with state of art training facilities backed by a team of industry experts in various domains including cybersecurity.

Apollo Secure

Apollo Secure

Apollo is an automated cybersecurity platform for startups and small businesses to achieve and maintain security compliance.

Blackwell Security

Blackwell Security

Blackwell is a driving force in healthcare cybersecurity, transforming how security operations are conducted within this critical sector.