Security Breaks – Weekly News Edition

Security Breaks – Weekly News Edition

In this episode, Kate dives into the latest automotive cybersecurity headlines — from wireless tire pressure monitoring vulnerabilities to supplier ransomware and SBOM validation breakthroughs. She unpacks critical issues affecting OEMs, Tier 1 suppliers, and dealerships, while highlighting the real-world implications of Bluetooth Low Energy attacks, supply chain risks, and continuous software validation. Whether you’re an engineer, cybersecurity practitioner, or dealership IT lead, this episode delivers a fast-paced, expert breakdown of what’s shaping the automotive security landscape right now. KEY TAKEAWAYS * TPMS (Tire Pressure Monitoring Systems) still transmit unencrypted signals, leaving room for spoofing and tracking vulnerabilities. * Supplier cyber incidents, such as those impacting Jaguar Land Rover, show how attacks ripple through the entire automotive supply chain. * Bluetooth Low Energy (BLE) weaknesses continue to expose vehicles to unauthorized access — secure pairing and token rotation are essential. * Ransomware groups like Akira are increasingly targeting distributors and service providers within the automotive ecosystem. * Continuous SBOM validation and integration with threat intelligence are key to proactive risk management under ISO/SAE 21434 and UNECE R155. * Machine learning intrusion detection systems (IDS) show promise but require realistic datasets and careful tuning to avoid false positives. QUOTES > “Safety signaling that can be faked is a problem. When drivers start to ignore warnings, we’ve already lost the battle.” > > “If your dealer network still relies on flat networks because printers — this is your sign to fix that.” > > “Your SBOM program isn’t about paperwork. It’s about knowing what’s in your software so you can fix what matters.” TIMESTAMPS (01:29) Wireless threats to tire pressure monitoring systems (TPMS) (06:00) Supplier cyberattacks disrupting Jaguar Land Rover’s production (08:30) Pen Test Partners’ guide to hacking Bluetooth Low Energy (11:00) Ransomware attack on Harbor Diesel & Equipment (13:42) Advances in SBOM validation and continuous vulnerability management (17:25) Machine learning intrusion detection for the Internet of Vehicles (20:32) Practical takeaways for OEMs, suppliers, and dealerships (23:50) Community questions and call for industry collaboration REFERENCED LINKS * Automotive Cybersecurity Standards: ISO/SAE 21434 [https://www.iso.org/standard/70918.html] * UNECE Regulation No. 155 – Cybersecurity and Cybersecurity Management Systems [https://unece.org/transport/documents/2021/03/standards/un-regulation-no-155-cyber-security-and-cyber-security] * UNECE Regulation No. 156 – Software Updates [https://unece.org/transport/documents/2021/03/standards/un-regulation-no-156-software-update-and-software-update] * Pen Test Partners – Practical Guide to Hacking BLE [https://www.pentestpartners.com] * Ransomware.live – Akira Group Listing [https://ransomware.live] * Kaspersky: A Decade of Vehicle Hacks Report [https://ics-cert.kaspersky.com/publications/reports/] PLEASE LEAVE US A RATING AND REVIEW If you enjoyed this episode of Security Breaks, please take a moment to rate and review us on Apple Podcasts [https://podcasts.apple.com/us/podcast/security-breaks/id1742498298] — it helps others in the automotive cybersecurity community discover the show. CONNECT WITH ASRG (AUTOMOTIVE SECURITY RESEARCH GROUP) 🌐 ASRG.io [https://www.asrg.io] 💼 ASRG on LinkedIn [https://www.linkedin.com/company/asrg] 📧 Contact: securitybreaks@arg.io [securitybreaks@arg.io]

Digging deeper into the VicOne Threat Landscape Report: The Story Behind the Numbers

EPISODE SUMMARY: In this episode, John speaks with a cybersecurity expert Karl Schlaugh about the rising cyber threats in the automotive industry, the challenges of securing vehicles, and the impact of regulations on automotive cybersecurity. They discuss various attack vectors, the importance of patch management, and the role of regulations in enhancing vehicle security. KEY TAKEAWAYS: * Cybercriminals target the automotive supply chain to amplify their reach. * The automotive industry's long patch lifecycle makes it a lucrative target for cybercriminals. * Regulations like UN ECE 155 and 156 are positively impacting automotive cybersecurity by requiring vulnerability management and encouraging transparency. * The rise in cyber attacks on the automotive industry underscores the need for improved security measures and continuous monitoring. QUOTES: 1. "Cybercriminals always follow money. If you have malware running in a supplier, then you amplify your targets." - Karl Schlaugh 2. "The patch lifecycle in automotive is a hell of a lot longer, which is a good thing for cybercriminals." - Karl Schlaugh 3. "Regulations like UN ECE 155 and 156 are encouraging vulnerability management and transparency, which is very positive." - Karl Schlaugh TIMESTAMPS: * (10:35) The long patch lifecycle in the automotive industry * (16:50) Impact of regulations on automotive cybersecurity * (24:10) Addressing cybersecurity in older vehicles * (28:30) Key takeaways from the cybersecurity threat landscape report * (36:17) Discussion on industry trends and future outlook * (41:53) Monetary impact of cyber attacks on the automotive industry * (43:31) Importance of reputation management for OEMs REFERENCED LINKS: * UN ECE 155 Regulation * UN ECE 156 Regulation * Automotive Cyber Threat Landscape Report 2023 [https://documents.vicone.com/reports/automotive-cyberthreat-landscape-report-2023.pdf] Please leave us a rating and a review on Apple Podcast. CONNECT WITH KARL (KALLI) SCHLAUCH: * LinkedIn [https://ie.linkedin.com/in/karlschlauch] CONNECT WITH ASRG: * ASRG [https://asrg.io/] * LinkedIn [https://www.linkedin.com/company/automotive-security-research-group/posts/?feedView=all]

Exploring Upstream's Cybersecurity Report with Giuseppe Serio

In this episode of the Security Breaks podcast, host John Heldreth welcomes Giuseppe Serio from Upstream Cybersecurity, a leading expert in automotive cybersecurity. The episode explores the latest developments in automotive cybersecurity, focusing on the Upstream Cybersecurity Threat Report for 2024. [https://info.upstream.auto/hubfs/Security_Report/Security_Report_2024/Upstream_2024_Gl[…]c2-85b6-f0158ad2a14a%7C708f280d-d13d-450b-a8d4-b4c9ea0ece08] Key Takeaways: * Upstream Cybersecurity Threat Report 2024: The report provides a comprehensive overview of the latest threats in automotive cybersecurity, using data from VSOCs and external sources like the dark web. It serves as a key resource for industry professionals. * The episode emphasizes the importance of responsible disclosure in cybersecurity research, focusing on safety and proper communication when dealing with sensitive information. Quotes: * "VSOCs play a crucial role in monitoring, detecting, and responding to cyber threats in real-time. They're essential for maintaining the security and safety of connected vehicles." * "Responsible disclosure is key in the cybersecurity industry. It’s not just about finding vulnerabilities; it's about ensuring that the information is handled properly to avoid potential risks to public safety." Timestamp: (1:55 - 2:21): Discussion about Upstream's annual automotive cybersecurity threat report, which details the threats faced by the industry and its impact on the safety of vehicles and their operations. (2:31 - 2:40): John discusses the length and comprehensiveness of the report, emphasizing its importance in providing insights into threats and the potential challenges facing the automotive industry. (5:19 - 5:34): Giuseppe elaborates on the shift from calling it "Automotive SOC" to "VSOC," emphasizing that the concept has evolved from focusing on individual vehicles to the broader fleet and ecosystem. (12:23 - 12:40): Discussion of the internal and external sources Upstream uses for research and threat intelligence, including their dedicated research team and the various sources used to compile the report. (13:07 - 13:41): Giuseppe outlines the process of compiling the cybersecurity threat report, mentioning the significant effort and resources involved in gathering and analyzing the data to ensure accurate and comprehensive insights into the automotive cybersecurity landscape. About the Guest:  Giuseppe is a cybersecurity expert specializing in the automotive industry. He brings a deep understanding of cybersecurity issues specific to the automotive sector, discussing topics like over-the-air (OTA) updates, electric vehicles (EVs), and autonomous driving technologies. Giuseppe's insights reflect a comprehensive grasp of current trends and emerging threats in automotive cybersecurity. Connect with Giuseppe Serio: LinkedIn: Giuseppe Serio [https://www.linkedin.com/in/giuseppe-serio/] Website: Upstream [https://upstream.auto/] Connect With ASRG: * ASRG Website [https://www.asrg.io/] * ASRG Facebook Page [https://www.facebook.com/AutoSecResGroup/] * ASRG LinkedIn [https://www.linkedin.com/company/automotive-security-research-group/] Download report here: * Upstream Global Automotive Cybersecurity Report 2024 [https://info.upstream.auto/hubfs/Security_Report/Security_Report_2024/Upstream_2024_Gl[…]c2-85b6-f0158ad2a14a%7C708f280d-d13d-450b-a8d4-b4c9ea0ece08] Please leave us a rating and a review.

Navigating Automotive Security Growth with Slava Bronfman

Welcome to Security Breaks Podcast! In this pillar episode, John Heldreth and Slava Bronfman discuss the evolution and challenges of automotive cybersecurity. They delve into the differences between functional safety and product security, highlighting the importance of understanding the dynamic nature of security in contrast to the relatively static world of safety. The conversation also explores the maturity levels of OEMs and suppliers in implementing security frameworks and the role of regulations and standards in driving industry practices forward. KEY TAKEAWAYS: * Automotive cybersecurity has evolved from research-led projects to comprehensive programs within OEMs and suppliers, but there remains a wide variance in maturity levels across the industry. * The distinction between functional safety and product security lies in the magnitude, practices, and dynamic nature of security compared to safety. * The adoption of tools and processes, even if rudimentary like Excel, marks progress in establishing security frameworks within organizations. * Achieving scalable security solutions requires a holistic approach encompassing methods, processes, organization, and technology. QUOTES: * "The commitment to continuous improvement and adaptation is key to addressing the complexities of automotive cybersecurity." * "The distinction between functional safety and product security lies in the magnitude, practices, and dynamic nature of security compared to safety." TIMESTAMPS: (16:05) John starts discussing the importance of processes, methods, organization, and tooling in automotive cybersecurity. (17:32) Slava Bronfman responds affirmatively to John's points. (18:43) John and Slava discuss the potential consequences of OEMs being blind to vulnerabilities in their vehicles. (20:50) They discuss the importance of proactive security measures in preventing incidents. (21:55) Slava shares insights into the alignment between OEMs and suppliers regarding cybersecurity. (24:42) The conversation shifts to the future of automotive cybersecurity. (25:53) Slava discusses the challenges posed by emerging technologies such as software-defined vehicles. (29:48) They discuss the potential impact of quantum computing and autonomous driving on cybersecurity. (33:11) John emphasizes the importance of responsible disclosure for researchers and hackers. (34:42) Slava provides an overview of Cybellum and its role in automotive cybersecurity. (38:03) They discuss the future development of Cybellum and its focus on AI and ML technologies. (42:14) The podcast concludes with closing remarks and reflections on the challenges and opportunities in automotive cybersecurity. ABOUT THE GUEST: Slava Bronfman is a cybersecurity expert with a background in software engineering and extensive experience in the automotive industry. He co-founded Cybellum, a company specializing in automotive cybersecurity solutions, and has been instrumental in shaping the direction of automotive security practices. CONNECT WITH SLAVA BRONFMAN: LinkedIn: Slava Bronfman [https://www.linkedin.com/in/slava-bronfman/] Website: Cybellum [https://cybellum.com/] CONNECT WITH ASRG: * ASRG Website [https://asrg.io/] * ASRG Facebook Page [https://www.facebook.com/profile.php?id=100057569173313] * ASRG LinkedIn [https://www.linkedin.com/company/automotive-security-research-group/] Please leave us a rating and a review.