In recent news, the U.S. has announced that it is planning to ban Chinese and Russian technology in cars primarily due to national security concerns. Modern cars collect and transmit a vast amount of data, including location, driving habits, and personal information. The U.S. fears that Chinese and Russian technologies could be used to collect sensitive data compromising the privacy and security of U.S. targets and also is concerned that it could be exploited to launch cyberattacks, disrupt vehicle operations, or even take control of vehicles remotely. Although there are currently few Chinese or Russian vehicles on U.S. roads, the ban is seen as a proactive step to prevent potential threats before they become widespread.
Today's vehicles are equipped with a plethora of digital systems, including infotainment units, telematics, and advanced driver-assistance systems (ADAS). These systems rely on software and connectivity to function, making them susceptible to cyberattacks. The integration of GPS for navigation and tracking further expands the attack surface.
The implications of these vulnerabilities are far-reaching. Beyond the theft of vehicles, attackers could cause accidents, disrupt traffic, or even use compromised vehicles as weapons. The personal data stored in vehicle systems, such as contact information and travel history, also poses serious privacy risks to individuals.
As vehicles become more connected and reliant on software integrations and updates from manufacturers the potential for cyberattacks increases. Continuous vigilance and proactive measures are essential to protect against bad actors.
References
(1) US moves to ban Chinese, Russian tech from autonomous cars. https://www.dw.com/en/us-moves-to-ban-chinese-russian-tech-from-autonomous-cars/a-70302814.
(2) Rising Security Weaknesses in the Automotive Industry and What It Can .... https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/rising-security-weaknesses-in-the-automotive-industry-and-what-it-can-do-on-the-road-ahead.
(3) Modern cars: A growing bundle of security vulnerabilities. https://www.helpnetsecurity.com/2021/12/14/modern-car-vulnerabilities/.
(4) Cyberattacks On Vehicles Pose A Threat To Drivers And ... - Forbes. https://www.forbes.com/councils/forbestechcouncil/2021/12/10/cyberattacks-on-vehicles-pose-a-threat-to-drivers-and-manufacturers/.
(5) Security vulnerabilities in major car brands revealed. https://www.malwarebytes.com/blog/news/2023/01/security-vulnerabilities-in-major-car-brands-revealed.
(6) Modern Vehicles Present Unique Threats and Vulnerabilities to the .... https://www.usni.org/magazines/proceedings/2022/february/modern-vehicles-present-unique-threats-and-vulnerabilities.
(7) Vehicle hacking: A history of connected car vulnerabilities and .... https://www.infosecinstitute.com/resources/scada-ics-security/vehicle-hacking-a-history-of-connected-car-vulnerabilities-and-exploits/.
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
Information Security
GPO, 1-117
D01 F5P2
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland
Invitations for Annual Sponsorship of IISF has now reopened.
Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more