Friday, March 18, 2016

FBI issues PSA on cars' cybersecurity citing work by Jacobs School researchers

Last summer, computer scientists at the Jacobs School demonstrated that they could wirelessly control thousands of vehicles via a gadget that's often used by insurance companies to monitor cars. The team, led by Professor Stefan Savage, has worked to raise awareness of flaws in the cybersecurity of cars since 2010.

On March 17, the Federal Bureau of Investigation issued a public service announcement titled "Motor Vehicles Increasingly Vulnerable to Remote Exploits," which alludes to the researchers' work:
As previously reported by the media in and after July 2015, security researchers evaluating automotive cybersecurity were able to demonstrate remote exploits of motor vehicles. The analysis demonstrated the researchers could gain significant control over vehicle functions remotely by exploiting wireless communications vulnerabilities. While the identified vulnerabilities have been addressed, it is important that consumers and manufacturers are aware of the possible threats and how an attacker may seek to remotely exploit vulnerabilities in the future. Third party aftermarket devices with Internet or cellular access plugged into diagnostics ports could also introduce wireless vulnerabilities.
The PSA also says:
The FBI and NHTSA are warning the general public and manufacturers – of vehicles, vehicle components, and aftermarket devices – to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles.
The agency recommends that vehicle owners check the safercar.gov website twice a year for recalls on their cars.

No comments:

Post a Comment