Three-year study by IOActive that has found half of vehicle vulnerabilities could allow cyber attackers to take control of a vehicle – and 71% are ‘easy to exploit’ Jon Geater, CTO, Thales e-Security commented below.
Jon Geater, Chief Technology Officer at Thales e-Security:
“To help defend against certain cyber-attacks, and protect the integrity of the supply chain, connected components require clear authentication processes. While vehicle OEMs and their suppliers have recognised that cryptographically-based digital signatures provide the strongest form of authentication, this also necessitates the management and protection of certificates and the underlying keys. The rapid increase in connected components has created the need for broad-scale secure key management, supported by a public key infrastructure (PKI).
“Adding even further complexity, vehicle-to-vehicle and vehicle-to-infrastructure (V2X) communications, although first introduced in 2017 production vehicles, will soon become the norm, requiring manufacturers to identify and implement the necessary technologies to protect drivers, passengers and the wider community from cyber-attackers.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.