Story image

Blog: Get your motor running

22 Mar 10

Ford Motor Company has recently announced that later this year it will be producing cars with built-in WiFi capabilities. Since 2008, the first generation of this system enabled owners of certain Ford, Lincoln & Mercury vehicles to connect media players & bluetooth devices to their entertainment systems. This second generation of its so called Sync technology will include a full Windows CE operating system which includes the ability to surf the internet when the car is stationary.

Interestingly, Ford has made a point of announcing that they have developed a set of security features to ensure the integrity of the system, despite using a relatively mainstream operating system with browser functionality. Historically Windows operating systems and all browser applications have been prime targets for the bad guys, with vulnerabilities being discovered on a semi-regular basis.

Ford says that the WiFi network will be protected by WPA2 encryption, and on board firewalls will protect the network. I find it interesting that public awareness of computer security issues has reached a level where Ford feel it is important to point out the security features they are building into their systems.

With the increasing application of electronics and the electronic control of engine & chassis components, the reliability & integrity of those electronic controls is becoming more and more paramount. It is one thing for the electronics in your car to have a problem that causes your sound system to not be able to play your songs from your iPod. It is an entirely different thing if those electronics cause a sudden loss of brakes or a loss of control of the throttle. Problems such as that can be life threatening. Recently we have seen many news reports about the apparent problem with a "software glitch" in the anti-lock braking system of Toyota Prius vehicles, resulting in a recall of over 430,000 cars all over the world.

I'd like to think the entertainment and communications system that sychronises external devices with the vehicle's systems is kept completely physically separate from the vehicle control systems. The last thing anybody wants is for the possibility of malware infecting a vehicle's control systems and causing a driver to lose control of the vehicle as a result of that infection.

Hmmm, it may just give a whole new meaning to the computer virus term of "auto-infection", "autorun" and maybe even "mobile security"!

It may be taking things a little too far to envision scenes similar to those in the movie "Christine", where a dilapidated 1958 Plymouth Fury is possessed by supernatural forces. Christine (that's the name of the car) goes on a killing spree in suburban Pennsylvania. I can't see things becoming that bad if a car managed to become infected by malware, but it is technically feasible that a car that has had its vehicle control systems compromised by malware could prove just as deadly.

It's yet another an example of how our real world is moving closer to the fiction and science fiction worlds that we see in movies. More than many of us would realise.

We've seen the movie "Snakes On A Plane". Will we one day see a movie called "Worms In A Car"?

Craig Johnston

Senior Cybercrime Research Analyst

Kiwis make waves in IoT World Cup
A New Zealand company, KotahiNet, has been named as a finalist in the IoT World Cup for its River Pollution Monitoring solution.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
How SMBs can use data to drive business outcomes
With the right technology, companies can capture consumer, sales, and expense data, and use it to evaluate and construct future plans.
Survey shows that IoT is RoI across Asia Pacific
A recent Frost & Sullivan survey across Australia, Hong Kong and Singapore shows that IoT deployment improves business metrics by around 12%.
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.