Tag Archives: government

Inspiring Improvement in the Field of Automotive Cybersecurity

Leave a reply

A few weeks ago, I submitted a post about cybersecurity in the automotive industry, specifically about Volkswagen’s foray into invested into cybersecurity for automotive computers. Earlier today, the U.S. National Highway Traffic Safety Administration (NHTSA) suggested that automakers should “make shielding the electronic and computer systems of vehicles from hackers a priority, developing layers of protection that can secure a vehicle throughout its life.” These are not enforceable rules, but strong suggestions from one of the government institutions that are partially responsible for the creation of future regulations that will more strictly govern the automotive industry as a whole.

The NHTSA poses many potential security upgrades in their proposal, entitled “Cybersecurity Best Practices for Modern Vehicle.” Some of these suggestions are moves that manufacturers, like Volkswagen, are already putting into place. Most of the proposals made in the proposal are becoming standard operating procedure for automotive companies, while other suggestions are less likely to be taken into consideration. One proposal in question relates to the disclosure of proprietary information about critical components of electrical and data systems within vehicles. Jonathan Allen, acting executive director of the Automotive Information Sharing and Analysis Center, explained in an interview that this section of the industry is incredibly competitive and that companies will probably avoid disclosing this information until they are required to.

As I mentioned in my last post, the threat of automotive hacking, while still extremely small, is becoming an increasing threat. As companies begin to offer significant vehicle upgrades through wireless data links, much the same as Tesla has been over the past few years, the need for secure connections will continue to grow. Massachusetts Senator Ed Markey agrees with this sentiment and stated in an interview today that “if modern day cars are computers on wheels, we need mandatory standards, not voluntary guidance, to ensure that our vehicles cannot be hacked and lives and information put in danger.” I couldn’t agree more with this sentiment. As technology continues to impact our lives in increasingly different ways, the need for knowledgeable cyber security experts will continue to grow.

Australian Meteorology Bureau Breach

Leave a reply

“You’re only as strong as your weakest link.” For the Australian government, this phrase is extremely relevant today. The Australian Cyber Security Center confirmed yesterday that a 2015 attack on servers at Australia’s Bureau of Meteorology was initiated by a foreign intelligence service. You may be thinking, “What could hackers want with weather data?” The answer is nothing. By hacking into the weakest part of the Australian government’s network, the hackers were able to work their way throughout the system by breaching the poorly protected meteorology division.

Various reports have stated that China is behind the attacks but the Australian government states that it will not be naming a source. The Australian Cyber Security Center (ACSC) noted that the security controls in place “were insufficient to protect the network from more common threats associated with cybercrime.” They also estimate that every password on the Meteorology Bureau’s network was already compromised by the time that the investigation into the matter began.

Technology has allowed governments around the world to better store data and control their resources; unfortunately, as an entity’s cyber footprint increases, so does the type and number of potential risks that threaten them. It is vital that modern-day governments around the world put in place the countermeasures to protect their systems and data.