Jump to content
Forums Gone... but not forgotten!

Tired of these Ads? Register Today!

  • Welcome to Forever Pontiac

    We are a community of Pontiac enthusiasts. The purpose of our community is to keep alive the Pontiac spirit by sharing (or showing off) our cars, discussing Pontiac, helping each other work on our cars and find information, plus attend various meets/shows/etc... To aid discussion, sharing, event planning and selling of parts/cars/anything, we have various parts of the website to aid this from Forums to an online Garage to Classifieds to even a Document Download Repository. You can find links to these in our navigation above based on what each section helps with (discussion, local events, learning, etc...).

    We invite you to contribute, find help or just view some of our member's amazing cars! Don't forget, we also have great contests from time to time (like our Pontiac of the Month and yearly calendar contest) and our Pontiac This OR That, a fun game where you choose the best of two randomly selected Pontiacs from our online garage.

    We look forward to seeing you around!

Archived

This topic is now archived and is closed to further replies.

FeedBot

Car and Driver: Auto Industry Unites to Take Countermeasures Against Hackers

Recommended Posts

-

2017 Mitsubishi Outlander PHEVAutomakers have gotten more serious about protecting motorists from car-related cyber threats, and not a moment too soon. Amid growing concern from Congress and the traveling public, a dozen major manufacturers established an Information and Sharing Analysis Center, which became fully operational in January. Already, the organization’s leaders say they’ve thwarted attacks by sharing threat intelligence and information on vulnerabilities.

-

The fledgling organization’s leaders discussed their efforts and the overall state of automotive cyber-security this week during the Tu-Automotive conference in suburban Detroit. Their remarks came only days after British security researchers announced they had exploited vulnerabilities in a Mitsubishi Outlander plug-in hybrid (via Wi-Fi connection to the head unit seen in the photo above) that allowed them to manipulate certain vehicle functions. Researchers from Pen Test Partners say they found minimal security measures on the vehicle and easily tapped into the on-board Wi-Fi to access features controlled by the infotainment screen. As the number of connected vehicles mushrooms across the globe, the possibility of similar security breaches grows.

-

The Bigger Worry: Ransomware

-

But automotive cyber threats will likely change in nature going forward, moving away from the research-based meddling that the industry has seen so far and toward ransomware attacks that have plagued other industries and offer malicious hackers the prospect of big paydays. To date, ransomware attacks largely have largely targeted hospital and healthcare facilities that rely on real-time information to provide critical care for patients. Hackers threaten to lock vital computer systems until a ransom is paid.

-

Automotive experts warn that hackers could conduct similar attacks on connected cars, disabling them in similar fashion until they get paid. Or worse.

-

“We’re lucky that no one has hacked an entire brand of cars and said, ‘I’m going to stop all your cars tomorrow at noon, unless you give me money,’” said Stefan Gudmundsson, director of strategy for cellular products at u-blox, a Swiss company that builds wireless semiconductors for car companies.

-

That’s the sort of broad-based hack that has worried Department of Defense officials since researchers at the University of California-San Diego and University of Washington first demonstrated that it was possible to breach the electronic systems in cars six years ago. Until recently, the auto industry seemed slow to address vulnerabilities. The remote hack of a Jeep Cherokee by researchers Charlie Miller and Chris Valasek disclosed last summer finally brought those worries—from both the industry and federal officials—to the forefront.

-

Cooperation to Confront the Threat

-

Industry leaders had already started work on establishing the ISAC by that point, but the Jeep hack accelerated their timeline and expanded the scope of their plan. Now, ISAC officials are adding suppliers to their group faster than anticipated. Delphi was the first to join earlier this year. Jon Allen, executive director of the ISAC, said four more suppliers are expected to join the organization within a week and that it’s possible another eight more companies will join by the end of June. One of them might be Google.

-

“Google is a major one, especially with their relationship with FCA,” Allen said. “We’re in discussions with Google.” A Google spokesperson declined comment.

-

Whether it’s a tech giant like Google or a Tier-3 supplier, involving any company outside the scope of a major automaker’s internal engineering corps is tricky business. A major hurdle in setting up the ISAC, which relies on companies self-reporting their vulnerabilities, was getting them used to the idea that they might have to share some proprietary information. Adding suppliers that might be doing work for multiple automakers complicates an already-delicate balance. Convincing automakers to share information in the first place required a “cultural shift,” Allen said.

-
--
-

Within the first few months, the automakers have already confronted public hacks of the Nissan Leaf and now the Mitsubishi Outlander. There have been other threats discovered that never made headlines, Allen said. Sorting through the fallout of those vulnerabilities has helped the automakers gain trust in one another.

-

“I think we come together when it matters most,” said Henry Bzeih, managing director of connected and mobility for Kia. “We’re competitors, obviously, but we’re pragmatic and we find ways to work together and have answers on the things that matter most—safety, V2V [vehicle-to-vehicle communications], SAE standards. Cyber security has been an amazing ride so far, and we’ve made amazing progress trusting each other.”

-
-3GeyqukqfkA

Read Full Article

Share this post


Link to post
Share on other sites

Tired of these Ads? Register Today!


Tired of these Ads? Purchase Enhanced Membership today to remove them!
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.