Cyber attacks are becoming more common across a wide range of industries. The rise of cybercrime affects everyone, but certain sectors are more at risk than others. The automotive industry may face particularly significant threats in 2023.
1. Protection of production processes
First, car manufacturers need to protect Industry 4.0 systems in production plants. The first step in traffic safety is the appointment of a dedicated safety coordinator, after which car manufacturers can deal with site-specific risks. One of the most important changes is the segmentation of networks. All IoT devices must run on separate systems from more sensitive endpoints and data to prevent lateral movement. Encrypting IoT communications and changing default passwords are also key. Manufacturers must regularly update these systems, including using updated anti-malware solutions. Limiting user access and training all employees on security best practices are also important because insider risks can be a significant threat. As threats are constantly evolving, car manufacturers must also perform regular penetration tests.
2. Protection of connected cars
Automotive security also means fixing vulnerabilities in the vehicles themselves. The US National Highway Traffic Safety Administration (NHTSA) outlines several protection methods for connected cars, including a risk-based identification and protection process for vehicle systems critical to passenger safety, and architecture to mitigate potential injuries, ensuring that so that the attack does not become dangerous. The internal systems of networked cars must resemble other business networks. Intrusion detection systems must investigate anomalies and isolate potentially affected systems. Critical systems must be able to operate independently of connected functions to work in the context of vehicles. Checking for data encryption and firmware updates is also important. Safety checks cannot depend on users, as it depends on them how dangerous the violations related to the vehicles are. For example, drivers cannot use weak passwords or refuse to install updates.
3. Defense of the Fleets
Protecting corporate vehicle fleets is another important part of automotive cyber security. Businesses and their security partners must protect their vehicle telematics systems. Telematics security starts with a more selective selection of devices and services. Businesses should investigate potential telematics providers to ensure they meet high security standards before partnering with them. They should then restrict access to these systems as much as possible. Similar to IoT systems in manufacturing processes, businesses must segment telematics networks and regularly update these devices. The automotive industry must also place higher demands on device manufacturers and incorporate more security features such as advanced encryption. Many, including automakers, do not recognize the dire need for automotive cybersecurity. Cybercriminals are targeting the industry with increasing frequency and intensity, so security standards within the industry must change. Manufacturing processes, connected cars, and telematics systems must adopt better security practices. If they don’t do so, it could cause millions of dollars in damage and even endanger human lives – warned Dylan Berger, an expert on the topic at Tripwire.Hardware, software, tests, interesting and colorful news from the world of IT by clicking here!