In response to the latest findings about a potentially lethal automotive security flaw by Trend Micro – The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard – the US Industrial Control Systems Cybersecurity Emergency Response Team (US/ICS-CERT) has issued an alert. Leaders in IoT security and device-level identity Rubicon Labs offers commented below.
Rod Schultz, Chief Product Officer at Rubicon Labs:
“Following in the footsteps of the internet and mobile devices, the next great technology trend may rise out of the automotive industry. But it is incredibly possible that the Achilles Heel of automotive – the poor motivation to innovate in vehicle security — could lead to a Hindenburg event that destroys the momentum in this rapidly changing sector.
“The hack that has been discovered by the Linklayer Labs and Trend Micro, is creative, but it’s been around for over 20 years. It’s a show- stopper bug in the CAN bus protocol, but sadly it will not be addressed for several more years. The need to encrypt messages and authenticate devices inside a car or truck can no longer be viewed as a money-making option like an enhanced sound system or sunroof. Automakers must acknowledge the risks to their corporate brand and the safety of their customers, and drive innovation in automotive cyber-security.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.