This article is more than 1 year old

Jeep breach: Scared? You should be, it could be you next

Why the hell connect cars to the net anyway?

A CERT for the car industry

Last year US Senator Edward Markey put out a report criticising the car industry's weak response to security vulnerabilities that were evident even then.

Other developments suggest that auto makers may be finally waking up to the threat.

The Alliance of Automobile Manufacturers last week announced an Auto ISAC (information sharing and analysis centre) which will hopefully facilitate the sharing of best practices once it launches later this year.

Andrew Conway, research analyst at Cloudmark, said he was “shocked to discover that major car manufacturers think it's perfectly acceptable to have the brakes, steering, and transmission of a automobile controlled by a network that is also connected to the internet” for anything more than entertainment and information.

“There are lots of good reasons to connect a car to the internet, such as navigation, entertainment, phone calls, and weather forecasts, but there are no good reasons to have that network connected to the drive systems except to save a buck or two in the manufacturing process,” Conway said.

“The controls needed to drive the car should be completely isolated from any external facing system, so no Bluetooth, no Wi-Fi, no 3G, no attack surface at all," concluded Conway. ®

More about

More about

More about

TIP US OFF

Send us news


Other stories you might like