Posted by Joe Gargiulo on Wed, Oct 05, 2016 @ 01:40 PM
With hackers nipping at the heels of automobile software security around the clock, it’s always best to stay one step ahead of the hackers. CrossCheck addressed this issue one year ago and revisits with an update from Arxan Technologies, a company dedicated to protecting connected cars as well as other vulnerable points of entry including healthcare, mobile gaming and digital media. Arxan also has a web page on automotive IoT security measures dedicated to related security measures that enables auto dealerships to review the latest technology and advise their customers.
The one thing that hasn’t changed since CrossCheck published “How Auto Dealers and Service Pros Protect Customers from Hackers” is the fact that 75% of cars shipping globally are expected to have internet connectivity by 2020.
Potential hacks can vary from simply stealing a car to creating cyber terrorism or havoc on the highways. “Dealership software is now accessible from remote points and needs to be protected as well,” said Arxan CMO Mandeep Khera. “Until car manufacturers do a better of securing their connected systems, dealerships need to make consumers aware of potential security issues with some workarounds to provide some interim safeguards.”
Arxan notes three points of exposure for connected cars:
- Third-party applications and libraries loaded on mobile devices belonging to drivers and passengers. (Arxan believes “they are vulnerable to reverse-engineering and tampering attacks that can result in unauthorized code modification, intellectual property loss, damaged brand reputation, and even loss of passenger life.”)
- Onboard infotainment systems that interface with mobile devices via Bluetooth and WiFi connections.
- Software-based service and testing tools produced by auto OEMs (e.g. OBD2) and their vendors run on a legacy PC server-client architecture with embedded data allowing access to vehicle modules.
Auto dealerships wanting to provide their customers with a level of protection for their connected cars may advise them as follows:
- Update all onboard software to the latest versions.
- Don’t jailbreak (modify, bypass or replace with third-party apps) vehicle security systems.
- Determine the vehicle’s surface of vulnerability (weaknesses) including third-party apps.
- Inspect the USB and OBD2 ports periodically to determine that they are free from hacking devices, and be mindful of what USB devices are being connected.
Auto dealerships interested in maintaining their own level of protection are well served by CrossCheck’s Auto Industry Remote Deposit Capture (C.A.R.S.) program. This payments solution includes electronic check processing and guarantee, Multiple Check, Check on Delivery (COD), online transaction reporting 24/7/365 and no-fee loaner equipment. C.A.R.S. is “check processing made simple” — learn how it can help your dealership increase sales revenue by downloading the Insider Guide.
Tags: Auto Dealerships