The real beauty of IoT environments is the ability to make routine activities smarter through the combination of seamless connectivity, data collection and analysis capabilities. However, this same combination creates a potentially significant downside as well. The more manufacturers introduce IoT-enabled devices into their cars, these companies now have access to a ton of valuable data.
Unfortunately, these mountains of data have turned automotive brands into attractive targets as unscrupulous characters stage ransomware attacks. To secure IoT networks and connected cars, ensuring the flow of information is protected, companies must adopt a security-first approach to patching IoT vulnerabilities, automatic monitoring and multi-factor authentication within its systems.
As automobiles become more connected and have more and more access to sensitive data (i.e. connectivity to personal phones), it is important that manufacturers strike a balance between convenience and security, explains Scott Russ, security architect at Nerdery. “Unfortunately, the financial benefit of being first to market is as substantial in the automotive industry as it is in most other industries,” says Russ. “This monetary reward sometimes drives manufacturers to put less priority on security features that may extend the development cycle of new features.”
Russ recommends that auto make keep a few core concepts in mind as build new IoT based features into their vehicles:
Don’t store any data. Vehicle systems should be designed to allow data to pass from one component to another for processing and use, but the vehicle system itself should not store any of that data. Vehicles are bought and sold all the time and owners will likely forget (or not even know) to reset the vehicle system to factory defaults to remove the data.
Use authentication and encryption for everything. Any component connecting to the larger vehicle system should be forced to authenticate itself to prevent unauthorized access. Additionally, communication between components should always be encrypted to prevent the hijacking of data in transit.
Use components from vendors who embrace sustainability. Not all electronic component vendors are created equally. Some vendors build “set it and forget it” components under the assumption that the device will have a static purpose that never needs to be changed. Other vendors embrace the idea that there may be unforeseen issues down the road with the component that need to be addressed via software updates and patches. Automobile manufacturers should develop partnerships with the latter.
Unfortunately, securing data in these environments is far more complex than securing data house on-prem or even within the cloud. There is a noticeable lack of control within the vehicle, explains Russ. “On-prem systems allow for stricter access mechanisms because the entire infrastructure lives within an organization's scope of control. Vehicle systems are different,” he says. “The individual owner (not the manufacturer) owns the vehicle and the external devices connected to it. Consumer demand dictates that vehicle system access is convenient. This fact coupled with a complete lack of configuration control over the endpoint devices connecting to the vehicle (i.e. smart phones) makes for a very challenging identity and access management conundrum.”
At the same time, the connected vehicle represents a wandering network rather than the fairly static network leveraged in-house where users connect to a remote system via VPN or other mechanism and they don’t move around very much. “Even if a user is connecting via laptop they will typically do so from a single location for the duration of a session, then move to another location and establish a new connection. Vehicles are always on the move,” he says. “Network sessions need to keep track of an ever-changing source as the vehicle location changes and the session switches from cell tower to cell tower (or satellite to satellite). It’s difficult enough to maintain connectivity when the source is moving, much less add security mechanisms to deter session hijacking as the connection switches from one place to another.”
