Three-year study by IOActive that has found half of vehicle vulnerabilities could allow cyber attackers to take control of a vehicle – and 71% are ‘easy to exploit’ Jon Geater, CTO, Thales e-Security commented below.
Jon Geater, Chief Technology Officer at Thales e-Security:
“With around 100 million lines of code and the computing power of over 20 PCs combined, today’s vehicles have more in common with the iPhone than the Ford Escort. Increased complexity and connectivity demands advanced security approaches to ensure safe operation and protection of sensitive data – and this study only raises fresh questions regarding how secure connected cars really are from cyber-attackers.
“To help defend against certain cyber-attacks, and protect the integrity of the supply chain, connected components require clear authentication processes. While vehicle OEMs and their suppliers have recognised that cryptographically-based digital signatures provide the strongest form of authentication, this also necessitates the management and protection of certificates and the underlying keys. The rapid increase in connected components has created the need for broad-scale secure key management, supported by a public key infrastructure (PKI).
“Adding even further complexity, vehicle-to-vehicle and vehicle-to-infrastructure (V2X) communications, although first introduced in 2017 production vehicles, will soon become the norm, requiring manufacturers to identify and implement the necessary technologies to protect drivers, passengers and the wider community from cyber-attackers.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…