10 Matching Annotations
- Nov 2021
-
www.nytimes.com www.nytimes.com
-
It’s even possible that future window stickers on new cars may point out that a vehicle meets cybersecurity standards.
Evidence of hacking evolution
-
This year, a United Nations regulation on vehicle cybersecurity came into force, obligating manufacturers to perform various risk assessments and report on intrusion attempts to certify cybersecurity readiness. The regulation will take effect for all vehicles sold in Europe from July 2024 and in Japan and South Korea in 2022.
Global regulations for automotive cybersecurity being to emerge.
-
Major software and hardware suppliers to the world’s manufacturers build in firewalls to ensure that such elements as infotainment systems are prevented from passing code to systems that regulate speed, steering and other critical functions.Vehicle electronic control units are being designed to send an alert if one system that normally never communicates with another suddenly tries to do so. And they’re also locked down, so that an attempt to inject new code will be thwarted.
-
Trucking fleets are even more at risk, said Moshe Shlisel, chief executive of GuardKnox Cyber Technologies. An entire fleet could be shut down or otherwise compromised for a ransom, he said.
High value targets
-
Cybersecurity companies must protect a vehicle in multiple ways. Threats include SIM cards carrying malicious code, faked over-the-air software updates, code sent from a smartphone to the vehicle, and vehicle sensors and cameras being tricked with wrong information.
Multi-factor safety demands.
-
The challenge may be even greater than securing the world’s airlines. According to a McKinsey & Company report on automotive cybersecurity, modern vehicles employ around 150 electronic control units and about 100 million lines of code; by 2030, with the advent of autonomous driving features and so-called vehicle-to-vehicle communication, the number of lines of code may triple.
It will be difficult to ensure cybersecurity.
-
The best-known vehicle takeover occurred in 2015 when security researchers on a laptop 10 miles away caused a Jeep Cherokee to lose power, change its radio station, turn on the windshield wipers and blast cold air. Jeep’s parent company, FCA, recalled 1.4 million vehicles to fix the vulnerability.
Demonstrative evidence
-
In 2019, the automotive cybersecurity company Karamba Security posted a fake vehicle electronic control unit online. In under three days, 25,000 breach attempts were made, and one succeeded.
Demonstrative evidence of hacking evolution
-
Karamba has been working with a South American trucking company whose fleet was hacked to hide it from its tracking system, allowing thieves to steal its cargo unnoticed.
Evidence: actual committed crime
-
While consumers may love the features, hackers may love them even more.
The more technology there is, the more enticing to hackers it can become.
-