Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security

Similar documents
Conquering Complexity: Addressing Security Challenges of the Connected Vehicle

Securing the future of mobility

13W-AutoSPIN Automotive Cybersecurity

Security Challenges with ITS : A law enforcement view

The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.

Preventing External Connected Devices From Compromising Vehicle Systems Vector Congress November 7, 2017 Novi, MI

Examining future priorities for cyber security management

Automotive Cyber Security

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute

Convergence of Safety, Systems & Cybersecurity Bill StClair, Director, LDRA, US Operations

Securing the Connected Car. Eystein Stenberg CTO Mender.io

Development of Intrusion Detection System for vehicle CAN bus cyber security

Automotive Anomaly Monitors and Threat Analysis in the Cloud

Fast and Vulnerable A Story of Telematic Failures

Offense & Defense in IoT World. Samuel Lv Keen Security Lab, Tencent

Cyber Risks in the Boardroom Conference

PENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017

Modern Automotive Vulnerabilities: Causes, Disclosure & Outcomes Stefan Savage UC San Diego

Vehicle & Transportation Infrastructure Cyber Security Discussions. IQMRI

SIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC

Securing the Connected Car. Eystein Stenberg Product Manager Mender.io

Connect Vehicles: A Security Throwback

The case for a Vehicle Gateway.

Risk-based design for automotive networks. Eric Evenchik, Linklayer labs & Motivum.io Stefano Zanero, Politecnico di Milano & Motivum.

Voertuigconstructeurs en data economie

WardsAuto Interiors Conference Creating the Ultimate User Experience

Automotive Cybersecurity: Meeting the High-Stakes Challenge

Addressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1

Heavy Vehicle Cyber Security Bulletin

Accelerating solutions for highway safety, renewal, reliability, and capacity. Connected Vehicles and the Future of Transportation

Automotive Security Standardization activities and attacking trend

Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank

TRENDS IN SECURE MULTICORE EMBEDDED SYSTEMS

Cyber Attacks & Breaches It s not if, it s When

Uptane: Securely Updating Automobiles. Sam Weber NYU 14 June 2017

Accelerating solutions for highway safety, renewal, reliability, and capacity. Future of Transportation

Future Implications for the Vehicle When Considering the Internet of Things (IoT)

The Need for Operational and Cyber Resilience in Transportation Systems

You ve Been Hacked Now What? Incident Response Tabletop Exercise

Hardening Attack Vectors to cars by Fuzzing

4G and 5G Cellular Technologies Enable Intelligent Transportation Use Cases

The Remote Exploitation of Unaltered Passenger Vehicles Revisited. 20 th October 2016 Mark Pitchford, Technical Manager, EMEA

The Information Age has brought enormous

KPIT S Connected Vehicle Practice

2014 TRANSIT CEOs SEMINAR. Cybersecurity What Every CEO Should Know to Help Secure the System

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

ESOA > The Connected Automobile. Connected Automobiles Market Overview Paul Gudonis, Global Network & Services

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

A regulatory framework for connected and automated driving Towards a strengthened cooperation

to Address Cyber Physical Systems Security (CPSSEC)

Background FAST FACTS

Business continuity management and cyber resiliency

Automotive Gateway: A Key Component to Securing the Connected Car

UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update)

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

SECURING THE CONNECTED ENTERPRISE.

Contents. Updates and Changes.. 3

Chalmers Publication Library

Cybersecurity Engineering and Assurance for Connected and Automated Vehicles

Service Provider View of Cyber Security. July 2017

ERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford

SGS CYBER SECURITY GROWTH OPPORTUNITIES

Smart Connected Vehicles: Driving to the Bottom Line!

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

Access to Data / Access to Market

W3C CASE STUDY. Teamwork on Open Standards Development Speeds Industry Adoption

Sierra Wireless. Corporate Overview. May 2017

New Business. Opportunities for Cellular IoT. Loic Bonvarlet Director of Marketing Secure Identity Arm. Copyright 2018 Arm, All rights reserved.

Trends in Cybersecurity in the Water Industry A Strategic Approach to Mitigate Control System Risk

Secure Product Design Lifecycle for Connected Vehicles

Secure Software Update for ITS Communication Devices in ITU-T Standardization

Countermeasures against Cyber-attacks

Cybersecurity The Evolving Landscape

Securing the Autonomous Automobile

37 FAQs ABOUT CELLCONTROL ASKED BY PARENTS OF NEW DRIVERS

An outlook on INTELLIGENCE in 2024

Executive Insights. Protecting data, securing systems

Recommendations on residual issues relevant to ecall

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

Automotive Security An Overview of Standardization in AUTOSAR

AUTOMOTIVE FOUNDATIONAL SOFTWARE SOLUTIONS FOR THE MODERN VEHICLE

WHITE PAPER. Decoupling Hardware from Software in the Next Generation of Connected Vehicles AUTOMOTIVE CONNECTIVITY

The hidden cost of smart buildings

Express Monitoring 2019

ARM processors driving automotive innovation

How to make Connected Car Reality? Dr. Walter J. Buga CEO

Cyber Security and Vehicle Diagnostics. Mark Zachos DG Technologies

IBM Cloud Internet Services: Optimizing security to protect your web applications

Connected vehicle cloud

Car Hacking for Ethical Hackers

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Driving virtual Prototyping of Automotive Electronics

An Experimental Analysis of the SAE J1939 Standard

NOVEMBER 2017 Leading Digital Transformation Driving innovation at scale Marc Leroux Executive Evangelist/Digital ABB

Security for V2X Communications

Internet of Things Toolkit for Small and Medium Businesses

Automotive Cybersecurity: A steep learning curve

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Transcription:

Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security

In less than a year, 100s of millions connected cars

Aftermarket connectivity most prevalent until 2023 Approx. 100 million connected cars in EU by 2018 OBD II dongles used by 30% of EU car parc 2020-2025 Source: Roland Berger

The opportunity Dongles are an attractive option 7 out of 10 consumers would pay up to 10% of the car price on services relevant to them 35% of consumers already willing to trade driving data for insurance benefits Source: Roland Berger, Accenture

The challenge smart dongles provide an attacker with the capacity of easily performing a remote attack with high impact. December 2017 ENISA, Cyber Security and Resilience of Smart Cars the OBD-II port as it currently exists creates a growing risk to the safety and security of passengers. September 2016 open letter from 4 US Congressman to NHTSA Administrator

The challenge cont d Aftermarket devices could be brought on to all ages and types of vehicles with varying levels of cybersecurity protections. Therefore, these devices should include strong cybersecurity protections since they could impact the safety of vehicles. October 2016 NHTSA, Cybersecurity best practices for modern vehicles

Why hack a vehicle? Cyber Ransom Car Theft Targeted Attacks Hacktivism Data Theft / Privacy invasion Mass Events

ODB II dongles increase the attack surface Cellular (3G/4G-LTE) Infotainment Bluetooth V2X OBD II WiFi

Dongles have already been hacked Security challenges with telematics dongles Enlarge the attack surface Built on old hardware with weak security OBD II port is directly connected to safety critical functions No cyber security regulatory environment anything connected to the Internet [enlarges the] attack surface especially when it is plugged into the diagnostic port -Chris Valasek

Argus exposes aftermarket device vulnerability Zubie aftermarket telematics dongle Communication based on non-secure HTTP protocol Provided direct access to the safety critical systems Braking, steering and acceleration could have been affected

Progressive two million cars open for exploit Progressive s UBI Snapshot device hacked No responsible disclosure, could affect on ~2 million cars Unlock the doors, start the engine, gather engine information

UCSD researchers expose flaw Mobile Devices OBD2 dongle Through malicious SMS messages researches gained remote access Activating and disabling the brakes, turning on windshield wipers

Aftermarket Food Chain Module Vendors Telematics Technology Provider Telematics Services Provider Future potential 5.5M ~100K N/A ~3M UBI Usage Based Insurance Consumer Telematics Product SVR Stolen Vehicle Recovery Fleet Management Road assistancem otorists clubs Leasing Car-Sharing and Car-Rental companies Insurers companies/fleet Management End-consumer

52% People Would Pay $8/Month for Cyber Security

Argus Mission Keep Passengers Safe Protect Customer Privacy and Property Prevent Costly Cyber Recalls Maintain Business Continuity

Argus Cyber Security Philosophy Prevent Make it as hard as possible to attack Understand Know you are being hacked and how, in real time Respond Mitigate the damage and immunize the fleet in hours

Maximum Prevention Security in Depth 25 Granted and Pending Automotive Cyber Security Patents In-Vehicle Prevent Out-of-Vehicle Lifespan Protection Prevent ECU Protection In-Vehicle Network Protection Aftermarket Protection Connectivity Protection

Understand

Ongoing Monitoring & Mitigation Respond Ongoing Over The Air security Updates OEM SOC SOC OEM SOC OEM SOC OEM SOC

Our Competitive Advantages Unique combination of cyber security & automotive experts Industry s best team (founders, leadership, employees, investors, advisors) Widest array of solutions in the market Technologically superior, significant IP (25 pending / granted patents) Significant projects with OEM and Tier 1s Very strong partners Recognized as the market leader

Drive Home Cyber Safe!

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback