While automotive recalls are nothing new, the industry has been in the headlines for more advanced security concerns resulting from the connected revolution of the Internet of Things (IoT) Continue reading to learn how the IoT has set the stage for the automotive industry’s need for next generation secure access.
New Security Threat in the Automotive Industry
Recently, Fiat Chrysler Automobiles announced two technology researchers wirelessly hacked into a Jeep Cherokee through its dashboard connectivity system. The hackers managed to gain control of the engine, brakes, steering, as well as other features, such as the A/C and radio. Shortly after, two other security researchers discovered six vital security flaws in Tesla’s flagship Model S. These flaws could allow hackers to remotely take control of the vehicle and highlight the need for immediate safety controls for drivers. According to the Financial Times, the hack is to be demonstrated by Marc Rogers, CloudFare’s principal security researcher, Kevin Mahaffey, the co-founder of the security firm Lookout.
Two Different Solutions: Two Very Different Results
To rectify Chrysler’s security problem, the American automaker is shipping 1.4 million USB drives to all owners affected by the vulnerability. While this may seem like a great idea, all of the affected vehicle will remain vulnerable for remote takeover until the owners manually plug in the drives. Even worse, some owners may never plug in the drives, which means those vehicles will remain vulnerable. These types of security problems are nothing new in the IT world.
On the other hand, Tesla has taken a different approach. Instead of leaving the solution in the hands of owners who may or may not implement the solution, Tesla is rolling out instant over the air (OTA) updates. As a first for the automotive industry, the OTA update will automatically update the car’s software and patch the vulnerabilities through cellular or Wi-Fi connections. This solution is the most efficient and scalable way to patch these types of security vulnerabilities in IoT devices. On the flip side while OTA updates can help to address vulnerabilities AFTER an attack has been discovered, next gen secure access solutions should be adopted to reduce the risk of these types of attacks BEFORE they occur. Simply put, any device connected to the Internet becomes subject to hacking and remote control. As vehicles become smarter and more connected, auto manufacturers must evolve their security initiatives to include next generation secure access. Moving forward, auto manufacturers must plan and implement effective next generation secure access solutions for the safety of drivers as well as their organization.
Pulse Secure, LLC is a leading provider of access and mobile security solutions to both enterprises and service providers. Enterprises from every vertical and of all sizes utilize the company’s Pulse virtual private network (VPN), network access control (NAC) and mobile security products to enable end user mobility securely and seamlessly in their organizations. Pulse Secure’s mission is to enable open, integrated enterprise system solutions that empower business productivity through seamless mobility.