{"id":32086,"date":"2023-10-20T14:27:01","date_gmt":"2023-10-20T14:27:01","guid":{"rendered":"http:\/\/startupsmart.test\/2023\/10\/20\/auto-industry-must-tackle-its-software-problems-to-stop-hacks-as-cars-go-online-startupsmart\/"},"modified":"2023-10-20T14:27:01","modified_gmt":"2023-10-20T14:27:01","slug":"auto-industry-must-tackle-its-software-problems-to-stop-hacks-as-cars-go-online-startupsmart","status":"publish","type":"post","link":"https:\/\/www.startupsmart.com.au\/uncategorized\/auto-industry-must-tackle-its-software-problems-to-stop-hacks-as-cars-go-online-startupsmart\/","title":{"rendered":"Auto industry must tackle its software problems to stop hacks as cars go online – StartupSmart"},"content":{"rendered":"
Many companies producing software employ people as penetration testers, whose job it is to find security holes before others with less pure motives get a chance. This is especially common in the finance sector, but following the recent demonstration of a drive-by hack on a Jeep<\/a>, and parent company\u2019s Fiat Chrysler\u2019s huge recall of 1.4m vehicles for security testing<\/a>, perhaps it\u2019s time the auto industry followed its lead.<\/p>\n \u00a0<\/p>\n The growing number of software vulnerabilities discovered in cars has led to calls for the US Federal Trade Commission and National Highway Traffic Safety Administration<\/a> to impose security standards on manufacturers for software in their cars. Cars are likely to require a software security rating so consumers can judge how hack-proof they are.<\/p>\n \u00a0<\/p>\n In the past, cars have generally avoided any form of network connectivity, but now consumers want internet access to stream music or use apps such as maps. If a car has a public IP address then, just as with any computer or device attached to the internet, a malicious intruder can be potentially connect to and hijack it \u2013 just as the Jeep hack demonstrated.<\/p>\n \u00a0<\/p>\n Andy Davis, a researcher from NCC Group, has shown that it may be possible to create a fake digital radio (DAB) station in order to download malicious data to a car when it tries to connect. While the Jeep hack was performed on a running car, the NCC Group researchers demonstrated that an off-road vehicle could be compromised, including taking control of steering and brakes. As the malicious data was distributed through a broadcast radio signal, it could even result in a nightmare situation where many cars could be compromised and controlled at the same time. More details on how the hack works will be revealed at the Black Hat conference<\/a> this summer.<\/p>\n \u00a0<\/p>\n \u00a0<\/p>\n