Monday, November 24, 2014

Car Manufacturers, Industry Groups Work To Prevent Car Cyberattacks


In this day and age, just about anything can be hacked, including your car. And with more and more vehicles including Internet capabilities, car manufacturers and industry groups are working against the clock to create cyber defenses for commercially available vehicles.

The Associated Press reports while there are no publicly known instances of a car being hacked, both groups have conducted tests that show how easily hackers can gain access to vehicles.


“You’re stepping into a rolling computer now,” says Chris Valasek, a computer security technician.


Valasek helped to shed light on the possibility of car hackings last year when he and a partner were able to control a 2010 Toyota Prius and 2010 Ford Escape by plugging into a port used by mechanics.


More recently in a Defense Department-funded test on a 2012 model American-made car, hackers demonstrated they could create the electronic equivalent of a skeleton key to unlock the car’s networks.


Kathleen Fisher, a computer scientist who oversaw the test, said that it was easy to “package up the smarts and make it available online, perhaps in a black-market type situation.”


The point of the test was to plug vulnerabilities and fix the computer code that controls a vehicle to protect them from known threats, Fisher says. A new code, which could be ready in a few years, will eventually be distributed to automakers, who could use it adapt it for their specific models to prevent hacks.


But a few years from now is a few too many for some companies in the car industry. Honda and Toyota, along with other brands are helping to establish an “information sharing and analysis center” patterned after efforts used by the financial industry to ward-off cyberattacks, the AP reports.


Additionally, officials with GM tell the AP that cybersecurity is “one of the highest priority things” the company has to deal with.


Michael Cammisa, director of safety for the Association of Global Automakers tells the AP that the industry has to change the way they design vehicles. Now instead of looking at how components might fail, they have to look at how someone might maliciously attack the vehicle.


One such group, Auto-ISAC announced this summer that it has created a program that aims to allow car companies to evaluate the credibility of threats and if an attack occurs let participants warn each other so they can conduct their own tests.


Other car manufacturers, including General Motors, have looked at the systems created by Boeing and defense companies that hold off hackers.


Cybersecurity for cars? Yes, hackers could kill a car’s engine [The Associated Press]




by Ashlee Kieler via Consumerist

No comments:

Post a Comment