Vertical Markets

Ethical hacking for vehicles

by Mark Rowe

BT has launched its BT Assure Ethical Hacking for Vehicles. That’s a new security service developed to test the exposure of connected vehicles to cyber-attacks.

Connected vehicles – which can be passenger cars as well as trucks, buses, bulldozers or any other type of commercial vehicle – rely on a variety of connectivity, including WiFi, 3G or 4G mobile data links, Bluetooth and other wireless technologies. These provide new on-board features and services such as predictive systems to bypass traffic jams, and reduce carbon emissions. Vehicles are also becoming more connected through electronic systems such as navigation, infotainment, and safety monitoring tools.

The telecoms firm raises concerns about the ability of hackers to gain access and control to the essential features of those vehicles and for others to use information on drivers’ habits for commercial purposes without the drivers’ knowing or consenting. As with all other devices plugged into the “Internet of Things”, security and integrity of data is of critical importance to prevent unauthorised access or remote hijacking of a vehicle.

BT has security specialists including “ethical hackers”, who provide a standardised method to test systems by imitating hacker attacks. BT is now extending that expertise to advise vehicle manufacturers, insurance companies and others in the automotive sector. The aim – identifying and fixing vulnerabilities before the keys of a new vehicle are handed over.

BT Assure Ethical Hacking for Vehicles includes tests targeted at the “attack surfaces” of the vehicle. These cover interfaces that are accessible inside the car, such as Bluetooth links, USB ports, or the DVD drive, as well as external connections such as links to mobile networks or power plugs. BT says that it will look at the end-to-end security by testing and verifying all the systems that interact with the connected vehicle.

Udo Steininger, Head of Assisted and Automated Driving at TÜV SÜD, said that in a few years, most vehicles produced will be connected to the internet or other networks, for navigation, maintenance, cooperative driving or entertainment, and the driver will expect the as from his smartphone. “This bears complex challenges for the automotive industry, as cars are equipped with a number of embedded systems that have not been designed to be connected to the outside world. The industry needs to join forces, including with suppliers, IT security specialists and certification bodies, to agree on a common approach to interfaces and security standards for the Connected Car.”

And Hubertus von Roenne, Vice President Global Industry Practices at BT Global Services, said: “Vehicles are now connected devices, confronting manufacturers and suppliers with a whole new world of security challenges. For example, we have seen cars infected with malware while connected to a power charging station – because nobody had expected this would be possible. We use the expertise and knowledge of our Ethical Hacking consultants to identify these vulnerabilities – before others do. BT has decades of experience in securing connected devices and embedded systems across various industries and we are very proud to now offer that experience to the automotive industry.”

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing