Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
On the IoT road: perks, benefits and security of moving smartly
#1
Information 
Quote:
[Image: on-the-iot-road-1.png]

Kaspersky has repeatedly investigated security issues related to IoT technologies (for instance, here, or here). Earlier this year our experts have even gained foothold in the security of biomechanical prosthetic devices. The same implies to smart car security: our own research has indicated that there are number of issues—look here or here.

This year, we decided to continue our tradition of small-scale experiments with security of connected devices but focused on the automotive-related topic. The topic has retained its importance through the years, and as our own research into the subject has revealed, there are security issues in the market, since the vehicles are becoming smarter and more connected—and more exposed. But apart from that, there is a whole industry of aftermarket devices for the improvement of driving experience, from car scanners to various tuning gadgets. This angle was not examined separately, so we randomly took several different automotive connected devices and reviewed their security setup. Whilst it could hardly be called an investigation, this exercise allowed us to get a first look at security issues these suffer from.

We looked at the following devices: a couple of auto scanners, a dashboard camera, a GPS tracker, a smart alarm system, and a pressure and temperature monitoring system.

Scanning tool OBD dongle: secured exposure

The civil automotive diagnostics market is literally flooded with various wired and wireless, small and large devices that connect to the OBD2 diagnostic connector. They are basically sticks that are plugged into the vehicle and provide key driving dynamics data. Some of these devices are autonomous, and some depend on computers or mobile phones. They offer extensive recording and analysis options: the data includes engine speed, temperature, turbocharging, oil pressure, etc.

There are also applications that allow not only to read, but also to program the “brain” of the car, for example, to reset the “check engine” light. Use of these applications and making changes to vehicle operation through these can carry significant risks. In addition to the risk of damage to the car due to an operator error, there is a risk of an intruder intercepting control over the device. Of course, if the device is wired, then such risks are minimized, but if wireless—with the data from the diagnostic port transmitted via Bluetooth or WiFi—the risks of interception increase. Hence, there is an interest in how well the manufacturers of such devices have taken care of security.

The device that landed in our hands was developed by a German manufacturer and marketed under the brand of a well-known carmaker. For security reasons, we will not disclose the name.

The device is positioned as a racing logger that can record a video of the race on the track and superimpose over it telemetry data obtained from the car: speed, engine output, boost and so on.
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54
GFYI [Official] EaseUS Data Recovery Wi...
I utilize EaseUS Par...zevish — 08:10

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>