Amongst all the IoT car vulnerabilities discovered in the last three years, 25 percent of them have been rated “critical” by security firm IOActive – meaning they can cause some serious damage if exploited.
Most of these flaws are unlikely to be resolved by or even able to be fixed by automakers – easily compromised vehicles, where simple hacks can have fatal results, will continue to roam our streets – which is entirely unacceptable.
This problem stems from the security philosophy Automotive OEM’s have had – security is achieved though obscurity – keeping details of their system close guarded secrets. The back side to this closed off approach is the constant hunt for entry ports by the black mail fuelled hacker community. There is no doubt that, the published hacks make up only a fraction of the actual issues involved – only the tip of the ice berg. It’s not all bad though, we are finally beginning to see a shift OEM’s approach – a changing Automotive climate is forcing interaction with third party security firms.
The automotive industry needs security expertise from third parties like Trillium – together we can create solutions that will not only reduce the future issues but even fix the ones faced today. With our layered SW based approach we can even retrofit the cars currently deployed – significantly reducing the critical hacks at work today.