Automotive Cybersecurity- Key-Fob Blocking, New Members & Reports

In automotive cybersecurity news this week were tips to block key fob signals, new membership and new reports.

Ways to Block Key Fob Signals in the News

There were several news stories this week about keeping key fobs in tin can or aluminum foil. Others suggest buying a Faraday bag to block signals. It is very important to always test whatever method you choose, by having the fob in device near the vehicle and see if the trunk or doors work wireless with the fob in the Faraday bag. The reason to keep devices from being amplified or signals stolen.  The most popular Faraday cases sells for $16.99 on Amazon Signal Blocker for Car Keys Ce Faraday Bag Antitheft Fob Guard .

New Automotiv & Partner Members Auto-ISAC

The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes as new members Mitsubishi Electric, PACCAR and Volvo Group North America; and, new strategic partners the American Trucking Associations, Ernst and Young LLP and Red Balloon Security.

The inclusion of these organizations exemplifies the Auto-ISAC’s continued efforts to promote collaboration between Tier 1 suppliers, industry strategic partners and automobile manufacturers around vehicle cybersecurity. The Auto-ISAC was formed by automakers in August 2015 to establish a global information sharing community to promote vehicle cybersecurity.

“Mitsubishi Electric, PACCAR and Volvo Group North America all play critical roles in the design and engineering of secure connected vehicles, and we look forward to working with them,” said Jeff Massimilla of General Motors, who serves as the Auto-ISAC’s Chairman. “The addition of the American Trucking Associations, Ernst and Young and Red Balloon Security as strategic partners adds to the hard-working team of members and partners who are focused on driving the industry’s proactive efforts to incorporate strong security measures into every phase of the vehicle lifecycle.”

Jeff Stewart of AT&T and chairman of the organization’s Affiliate Advisory Board, which represents non‑OEM members said, “We all play a key role in the cybersecurity of connected vehicles. Sharing and analyzing cyber risk information benefits everyone and the Auto-ISAC provides a secure platform for all of us to do just that.”

The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. Its secure intelligence sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.

A key action by the Auto-ISAC is the publishing of the Automotive Cybersecurity Best Practices Executive Summary which provides informational guides that cover organizational and technical aspects of vehicle cybersecurity. Two of the guides are available to the public: incident response and collaboration and engagement with appropriate third parties. Six additional guides being written include: governance, risk management, security by design, threat detection and protection, and training and awareness.

Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets and carriers and suppliers. It has global representation from companies in Europe and Asia.

Top Automotive Cybersecurity Vendors?

According Absolute reports the top automotive cybersecurity vendors are Argus Cyber Security, HARMAN International, Karamba Security, Symantec, Arilou Cyber Security, ESCRYPT, Honeywell International, RunSafeSecurity, secunet Security Networks, Vector Informatik.

Automakers and Fleets Should Be the Most Concerned about Automotive Cybersecurity

KPMG’s report “Protecting the Fleet” details why automakers, fleets and providers of mobility services must be the most secure.

Fleetwide attacks— which will have a much more significant scope andimpact and a much greater
potential payoff for cyberattackers—threaten to disrupt not only automotive security but also many
other aspects of the automotive business and operating mode, notes the report.
Hackers will have a great payoff for cyber-attacking not one car, but 100, 1,000, or 1 million. Because of the broadcast reach of the internet, the same over-the-air (OTA)attack technique that works on a single car can be applied toward all the cars connected to it with relative ease. For approximately the same cost and effort, a fleet attack can potentially have a much greater impact. The question boils down to what the threat actor is after—easy money by stealing and selling the users’ personally identifiable information (PII), or ransom attacks
Car manufacturers will soon fight for consumer brand loyalty not only through quality, safety, and innovation, but also through establishing a relationship founded on maintaining customer privacy through digital
trust. According to KPMG’s Consumer Loss Barometer, 82 percent of consumers would be wary or never buy from an automaker if that brand experienced a car hack.
Automakers will need to consider security throughout the design, development, and manufacturing of the
connected car “nervous system”—the computer brain that processes data from sensors and cameras and communicates with the external environment. The data and operations centers in the cloud, from which
companies manage, monitor and service their fleets, also need to be protected.
Read full “Protecting the Fleet”  report.


You are welcome to subscribe to receive email notification of publication of Connected Car News Cybersecurity, you can also get weekly news summaries or daily emails.