After testing seven Android apps from seven popular car makers, security experts from Kaspersky Lab concluded that many mobile applications contain basic security flaws that could facilitate the theft of modern, connected cars. Their research shows that despite cars being a very expensive product, car makers don’t value the security of their apps the same way banks put a primer on the safety for a customer’s bank account. This lack of attention from car makers has now led to a situation where car thieves can simply hire a coder with experience in developing Android applications, and ask him to analyze a car maker’s Android app for security holes. Mike Ahmadi, Global Director – Critical Systems Security at Synopsys commented below.
Mike Ahmadi, Global Director – Critical Systems Security at Synopsys:
“Banks are indeed more mature in their general approach to security, including the hundreds and often thousands of applications they must interface with on a daily basis. They have faced the pallor of being a target for a much longer time than the automotive community has, and they take a very proactive approach, generally speaking, in addressing ongoing security issues.
The automotive industry is still relatively new to both application management and security issues, comparatively speaking, and is certainly working hard to address issues as they arise. While the banking industry may be better prepared to address security issues, the automotive industry continues to learn how to manage the many security challenges it faces as their connected vehicles continue to proliferate. It may take some time until the automotive industry reaches a level of security maturity that is as well developed as banks, but I have no doubt they will get there.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.