Cloud Security Alliance is on the job: Their Internet of Things (IoT) Working Group has just release the first-ever research report on connected vehicle security. In addition to outlining almost 20 different attack vectors and their impact on a driver or vehicle, the report offers plenty of recommendations for how to best secure a connected vehicle in an environment full of them. The report is just out today. Here are the highlights.
The Risk Factors
CSA sees four main predictions about the connected vehicles (CVs) of the future:
CVs will operate while communicating with both legacy and modernized traffic infrastructures and their sensors.Traffic Management applications and vehicles will interact with cloud services using a mixed set of transport protocols (RF/ WiFi, etc).OEM and 3rd party applications will be installed on vehicle platforms and traffic infrastructure components to provide enhanced capabilities.CVs will integrate with the IoT ecosystem to support vehicle integration with smart homes and smart businesses.
The bottom line: A fully connected IoT future is practically a sure thing, and that means cars will have far more security concerns. It’s easy to mess up and tough to get right.
Emphasize Open Standards
New car features can allow owners to start their vehicle remotely, track its location, and even ask it to give information about its last trip. To properly secure these abilities, car tech should operate on openly acknowledged standards that will allow everyone to enjoy the benefits of quality control.
CV tech has already been studied by researchers, the report notes: The report gets deep into the weeds, offering a comprehensive list of the specific pain points a CV developer should be aware of in order to keep the future of our road relatively secure. Could the potential security problems be basically what happened in the last Fast and Furious movie, when a hacker took over hundreds of cars in the middle of New York City? Probably not. But let’s not even get close to that.
