Connected Cars: Risks for Automated Vehicles.

Uploaded on 2015-03-26 in TECHNOLOGY--Developments, NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY-Key Areas-Internet of Things

broadcom-connectedcar_slide.jpg

Every day more devices are being connected to the Internet and connected cars are growing in number each year. These cars are well equipped with automatic notification of crashes, notification of speeding and safety alerts, but reports suggest that they are prone to cyber attacks because not enough measures have been taken to adequately protect these connected cars from hackers.  
The connected car could make our cloud services, e-mail, text messages, contacts, and other personal, financial, and work data vulnerable to hackers. Burglars could determine vehicle location provided by the vehicle’s e-email, text messages, contacts, and other personal, financial, and work data vulnerable to hackers. Burglars could determine vehicle location provided by the vehicle’s GPS to monitor when a home’s occupants are miles away. Hackers can gain access to vehicle networks and wreak havoc on traffic and even threaten the safety of vehicle occupants.
Connected cars can share information for a C2C (car-to-car) or a C2I (Car-to-Infrastructure) connections in real-time. Cars are becoming part of IoT (Internet of Things). Experts predict that (car-to-car) or a C2I (Car-to-Infrastructure) connections in real-time. Experts predict that IOT risks are going to increase drastically this year. How data is fetched from the Internet or data requests that are going from the car should be analyzed and evaluated. So, the focus is going to be in the cloud.
And with all the time we spend in where cars on the road will automatically swap data such as speed and direction, sending alerts to avoid crashes or traffic snarls. And with all the time we spend in our cars, it makes sense that they should become personalized digital assistants. 
Recently, German auto outfit announced it was sending an over-the-air update to cars featuring its SIM-based ConnectedDrive module. This allows drivers to remotely unlock their car, but the German automobile club ADAC had reverse-engineered the telematics software and warned BMW that a flaw made it possible for third parties to unlock vehicles. The update, which introduces HTTPS encryption to the car’s connection with BMW’s servers, is automatically downloaded as soon as the car module talks to that system.
Hackers were in theory able to dupe the car into unlocking by creating a fake mobile network, according to Reuters. There is no evidence that the flaw has been exploited, though it was present in up to 2.2 million BMWs, Minis and Rolls-Royces. Though, the vulnerability was patched on time by the company, there is always a learning from such an event. The majority of all automakers transmit data to third parties.
Recently, Oracle developed a platform to develop an application for cars using JAVA. Similarly, Qualcomm, AT&T and others are bringing in new platforms exclusively for connected cars. With such great technologies, we are creating a vast new attack surface for the hackers. The future is going to depend on the way we are going to provide Security awareness and security development for these connected cars.
Security Affairs http://bit.ly/1EXU3Y4

 

« 5 Essential Truths of The Internet Of Things
Drones: The Looming Threat »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

CloudCodes Software

CloudCodes Software

CloudCodes is a cloud security solutions provider focused on providing cloud security solutions to enterprise customers.

CopSonic

CopSonic

Copsonic provide a technology solution based on ultrasonic waves to send secure and encrypted data between two devices in order to achieve authentication.

DeepCyber

DeepCyber

DeepCyber supports its customers, with an “intelligence-driven” approach, to improve their proactive detection and response "capability" of cyber threats.

Carbide

Carbide

Carbide (formerly Securicy) breaks down enterprise-class security and privacy requirements and makes them accessible to, and achievable by, companies of all sizes.

National Health Care Anti-Fraud Association (NHCAA)

National Health Care Anti-Fraud Association (NHCAA)

National Health Care Anti-Fraud Association is the leading national organization focused exclusively on the fight against health care fraud.

VIQU Recruitment

VIQU Recruitment

VIQU Recruitment was formed with the primary focus of providing 'Smarter People Solutions' to the UK’s professional IT & Cyber Security markets.

CyFIR

CyFIR

CyFIR is a network investigation and Incident Response tool for performing live computer investigations across any size enterprise.

eSec Forte Technologies

eSec Forte Technologies

eSec Forte Technologies is a CMMI Level-3 ISO 9001-2008, 27001-2013 certified global consulting and implementation company focused on Information Security and Cyber Security.

Dasera

Dasera

Dasera’s Radar and Interceptor products deliver visibility, governance, and protection solutions for data-agile companies.

Corsica Technologies

Corsica Technologies

Corsica Technologies is recognized as one of the top managed IT and cybersecurity service providers. Our integrated IT and cybersecurity services protect companies and enable them to succeed.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

Cyera

Cyera

Cyera is the data security company that gives businesses context and control over their most valuable asset: data.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

Logiq Consulting

Logiq Consulting

Logiq Consulting provide a full range of Cyber Security, Information Assurance and System Engineering services.

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.