Note: This is going to be a somehow longer article which I will finish in a couple of related posts.
A security product is a program that
- Prevents that malware enters the system
- Detects if previously unknown malware is running on the system
- Remediates the actions of detected malware on the system
Note that it is not mentioned *how* PDR gets implemented in practice. There are many ways to implement them and it is out of the scope of this article how this gets realized.
Back to our question:
Do you actually need a security product in your car?
Today, no, you don’t. But in 1-2 years the situation will change. Remember that in the automotive industry innovations need time until they reach the end-customers.
Why? Read on…
Why not today?
The cars today are just beginning to become connected. It is like it was in the 80′ with the PCs:
- have little to no attack surfaces. They are mostly closed systems or have a single encrypted connection to a backend from which they get the data they need.
- the entry points in the car are:
- there is no (known) malware for the cars
- There is a fairly clean separation between the high level (closer to the user) parts of the car and the low level parts (closer to the CAN BUS and ECUs). I say “fairly clean” because I don’t have enough information to say contrary. However, considering the hacks that happened lately, the borders between high- and low-level systems are definitely in need of reviewing.
There is a lot of potential there, because the future will go into this direction:
- advanced connectivity
- Vehicle to Vehicle
- Vehicle to Infrastructure
- openness towards 3rd party applications
- open source software to be integrated in the car (in various systems)
- openness of the OBD2 interface towards 3rd party hardware in order to
- track vehicles
- offer advanced configuration of the car subsystems
- consumption optimisation
- insurance tracking (insurance companies want evidence that you drive carefully, even if you don’t produce an accident)
The tomorrow is happening…
Due to the fact that the auto manufacturers need to give some of the control to 3rd parties, there are many opportunities for malware authors. Yes, it sounds bad, but this is exactly what it is: where security people see danger, cyber criminals see opportunities. See the proof here “Car Hacking News Timeline“.
How could a security product prevent these?
Well, it can’t. At least, most of these hacks can’t be prevented by a security product.
It is the same situation like in the PC industry: there is no single security product that can secure a PC completely and make it completely invulnerable to attacks. However, with the proper software layer and a lot of user education, we have managed to reach a minimum level of security. But we are still in an armed race with the cybercriminals which no security company can win.
What are the worse things related to security software ?
- They slow down the system
- They produce false positives
- The interaction with the user is usually very bad designed (sometimes for a reason)
There is an additional factor that comes in discussion when we talk about cars: how do you inform the user that the car is … infected with malware? Or at least that it is under attack ?
This is not so easy to answer. I mean, imagine: you’re driving and the car’s’ systems start to blink and/or beep.
There is no perfect solution here. But we can find something that is user acceptable.
What kind of security product could run in the car?
I guess this is the most important question.
Well, there is no unique answer and no perfect answer…
But this is going to be another post.
© Copyright 2016 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity
Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch