Vulnerabilities of Automotive IoT
Your Personal Information
When a car is purchased, the dealership takes a lot of very personal and confidential information from the buyer. Some information is for the purpose of registration with the local government authorities, some is for the finance company and some is for marketing purposes. Regardless of the purpose, personal information is being collected that connects the buyer to the vehicle being purchased. In this day of IoT and everything connected, information collectors and receivers must be more vigilant protecting data.
Honda Breach Exposes Customer Data
According to a report in Information Security Newspaper, a massive data breach at Honda North America recently exposed 976 million records affecting nearly 26,000 customers. These records were not password protected and were made easily available to any public internet user. The information exposed included full names, addresses, phone numbers, make and model of the vehicle, license plate numbers and records on maintenance services.
The cause of the breach is thought to be incorrect security configurations or, in other words, human error. The article states that an estimated 50% of these incidents can be avoided if staff were to implement appropriate security measures. The following actions to mitigate these security issues might be helpful:
Establish a regular training schedule for IT personnel on security best practices. There are many sources for data security practices including such organizations as TM Forum, US Federal Trade Commission, US GSA and many other government agencies.
Establish safe networking practices training for non-IT personnel.
Create a policy of persistent monitoring and utilize data security tools that block download of sensitive information.
Data security experts from the International Institute of Cyber Security (IICS) believe that preventing these misconfigurations and instituting data safety measures will significantly reduce incidents of database information exposure.
Not Your Fathers Buick
Data breaches in the automotive industry are particularly un-nerving considering the network technology being installed in new cars. A recent advertisement for Buick demonstrated how the owner can start the car, lock and unlock doors and adjust other settings remotely from a smartphone. These new conveniences are made available courtesy of the public internet. IoT is going mobile.
So here is the worst case scenario. Your vehicle can be controlled by a smartphone any time and from anywhere. All the identifying information about you and your vehicle are publicly available on the public internet. Potentially, hackers can gain control of your vehicle for a variety of nefarious purposes. Imagine being on the receiving end of a ransomware attack that shuts down your vehicle until you send bitcoin to an email address in some foreign country.
Network Monitoring and Security Tools
The measures noted above can help reduce data breaches. However, training and best practices can not completely eliminate human error. It is critical that additional measures be taken including persistent network monitoring and connecting security tools that will identify and prevent malicious attacks on networks and data bases.
There are a variety of network tools such as Next Generation Firewalls (NGFW), Intrusion Prevention Systems (IPS), Data Loss Protection (DLP), Authentication Appliances, Encryption, Antimalware, Antivirus and many others available to help protect networks from attack. These tools must be connected, however, to live links in order to see network traffic and take action when necessary.
TAPs and Packet Brokers
TAPs and Packet Brokers are the tools that connect security and monitoring tools. TAPs safely connect network tools to links without impacting or delaying live network traffic. They make a mirror copy of the live traffic and send it to connected network tools. TAPs can connect tools to both copper and fiber links and even provide conversion when the link media does not match the type of port on the tool. For example, modular TAPs can have both fiber and copper ports. An incoming fiber link can be connected and mapped to a network tool via a copper output port. Fail-safe technology protects network traffic. If power is lost to the TAP, live network traffic will continue to flow.
For more complex networks, Packet Brokers are utilized to connect and efficiently manage multiple network tools. Advanced features such as traffic filtering, aggregation, load balancing and packet manipulation help network tools work faster and more efficiently.
Using specialized network monitoring and security tools can help prevent breaches even when vulnerabilities might be caused by lapses in human diligence. Organizations that are lax with data security practices face a loss of consumer trust, government fines and other liabilities. As more and more every day conveniences become internet connected consumer data bases will proliferate. It is critical for any company holding personal customer information to diligently use best practices, training and automation to protect confidentiality. For more information on how TAPs and tools can enhance your security profile go to www.networkcritical.com.