Eskenzi PR Eskenzi PR
  • About Us
Tuesday, 20 April, 2021
IT Security Guru
Eskenzi PR
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Jeep Cherokee once again proven to be as secure as Office of Personnel Management at Black Hat USA

by The Gurus
August 12, 2016
in Editor's News, News
Share on FacebookShare on Twitter

Hacking IoT devices and smart objects is always making headlines. After all, we use these devices to simplify our lives – so having their processes interrupted, hijacked or used against us is a real nightmare. However, hacking a thermostat is one thing; hacking a car is another.
At this year’s Black Hat in Las Vegas, experts once again showed that the Jeep Cherokee is vulnerable to the whims of cyber-crims. Researchers sent false messages to the car’s internal networks, overriding the legitimate ones. They could then steer, brake and speed up the vehicle. It was the same researchers, Charlie Miller and Chris Valasek, who infamously hacked a Jeep whilst on the highway just over a year ago.
Speaking to IT Security guru, Brian Spector, CEO at MIRACL, said that “The Jeep hacks demonstrate the serious problem of verifying the identities of people using the connected devices within today’s cars. Having very limited encryption, identity management and data protection within such a powerful computer is extremely dangerous and poses a real and serious threat to everyone using our roads today. Move forwards to the increasing trend for driverless cars, and the potential fallout from this lack of authentication becomes even more frightening.”
But in terms of preventing this from happening in future, what can carmakers do? Spector told us that “For connected cars to become more secure, relationships must be established within the components of a vehicle, to ensure that only a legitimate operator can control the connected devices within a car. If a hacker then tried to take control of one of the on-board systems, their identity would not be verified and access would be denied.  The current security checks often fail because they rely on slow, centralised identity verification services. To connect the components more quickly and autonomously, manufacturers should deploy a distributed trust model which allows for fast pre-authorisation, and removes the roadblock of a centralised service.”
But are car manufacturers taking cyber security seriously enough?
Richard Kirk, Senior Vice President at AlienVault told us that “There is no evidence that car manufacturers are taking cyber security seriously. One has to assume that given the recent high profile car hacks, the manufacturers have changed the way that they approach security, however this is not being publicised. Perhaps they should be boasting about their work as no doubt savvy customers will soon start asking questions.”
So it appears consumers are going to have to start getting serious about security or face all manner of cyber-risks. This isn’t a shift that happens overnight, so there need to be things car owners can start to do now to help start the good habits of personal security and such that’ll prevent them falling victims to such a hack.
Kirk advised us that “Car owners should apply the same rules that they follow, or should be following, for their computers and smartphones. Use hard to guess passwords, do not share passwords and do not give anyone access to your car app or portal account. There is not much they can do otherwise since the car manufacturers control the car systems. For the example, unlike a PC or laptop, you cannot install a firewall in your car, although ironically cars do have physical firewalls between the engine and the passenger compartment, to literally protect the passenger against an engine fire.”
So if this happens again, where will responsibility and liability ultimately fall on for cyber-attacks to cars, especially when another car is involved? Is it a problem for the car company, the insurer, or the driver themselves?
Kirk told us that “This will depend on the country and legal jurisdiction, as well as the contractual terms of both the car purchase and insurance. It will probably take some time for cyber incidents to be challenged in court before clear lines of responsibility become clear. If insurance companies take the initiative and start including cyber cover in their policies, they could benefit from being seen to protect drivers, however cyber insurance is not a well understood business.”

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: AlienVaultcar hackingdoor lockingdriverless carsidentity managementiot securityjeepjeep cherokeeMIRACLsmart vehiclessteeringvehicle
ShareTweetShare
Previous Post

Gartner Says Worldwide Information Security Spending Will Grow 7.9 Per Cent to Reach $81.6 Billion in 2016

Next Post

Thieves can wirelessly unlock up to 100 million Volkswagens, each at the press of a button

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne

AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne

April 19, 2021
Dominos pizza

Domino’s India suffers data breach

April 19, 2021
whatsapp icon

Vulnerabilities found in older version of WhatsApp

April 19, 2021
Data Breach Cyber attack code

University of Hertfordshire suffers system outage due to cyberattack 

April 15, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept