The Latest In Cyber Security

Our Take On News In The Cyber Security / Connected Car Space

From Fixed to Fluid: The Dawn of Custom Vehicle Systems

With vehicles becoming increasingly software-oriented over the years, the potential for customized automotive software has skyrocketed. More and more each day, drivers are learning about the inner workings of their cars, how the CAN bus and OBD II port of their vehicles can be used to enhance their vehicle. CAN (Controlled Area Network) is the network of connections between the electrical control units in a vehicle. The OBD (On-board diagnostics) port is the gateway to the CAN network in vehicles, a unique port found in most cars. From enabling hidden features in a vehicle, to improving a car’s mileage, communities across the internet are further and further exploring the possibilities car hacking can bring.

This customize-ability adds a new, needed dimension to how people will use cars. The car of yesterday was something you bought as-is, with all the features decided by the OEM. The car of tomorrow allows for user driven customization based on wants and needs.

Just as we expect the ability to download apps to our computers and smartphones, the same will inevitably come to be true for automobiles. Johnathan M. Giltin of arsTechnica emphasizes on this, saying that “…an entire ecosystem of companies exists ready to give you the tools to take your WRX, GT-R, or whatever to the next level.”

As this field grows, a future where people can re-wire their cars for each trip throughout the day is entirely feasible. One might chose to optimize their mileage for their morning commute and instead select to change that setting on their way home, when they know that they’ll encounter less traffic. But while the possibilities are endless, so are the risks.

It is common knowledge that the internet is full of programs that advertise themselves as safe, useful applications while secretly infecting the user’s computer with malware. As the communities of car-hack enthusiasts grow, so will the number of unregulated, unverified user-created car programs. It is best practice not to download risky software without an antivirus on one’s computer, and the same practice will be a necessity in the future of car customization. For a field in which new programs and applications will be produced at such an alarming rate, static, non-dynamic security will not suffice. Fast, seamless updates to powerful security protocols are needed, and meeting that demand is the core of Trillium’s ambition.

The Truth About Approaching Cybersecurity

With cyber security achieving an increasingly important position in the world, many companies have found that their initial measures have not held up well enough in the face of novel cyber-attacks. This issue stems from factors such as failure to seriously consider cyber security, as well as an inability to implement security effectively.

Possibly the most difficult-to-grasp aspect of defense in cyberspace is the need to escape notions that are true for the physical world, but are not necessarily true for cyberspace. One example of this is common understanding of borders and proximity. In the physical world, borders are observable, placed and maintained by the people around them with clear dimensions. Location and distance are very different in cyber space, as Michael Daniel, president of the Cyber Threat Alliance, states in an article in the Harvard Business Review. “Proximity is a matter of who’s connected along what paths, not their physical location.”

Daniel also points out the flaws of relying on physical jurisdictions – a cyber-attack can be purported from any location to any network, using an array of hacker tools. It is thus not reasonable to mandate jurisdiction based on physical location. Laws and policies regarding cybersecurity need to be approached with a new mindset, one that acknowledges the need for flexibility in securing the networks of the world.

The responsibility for the protection of companies and consumers lies not only with governments, but with those individual entities and end users as well. For a field in which designating areas of jurisdiction is so asymmetric, the division of accountability cannot afford to be rigid. Daniel suggests employing the same strategy taken by disaster response planners.

“In disaster response, preparedness and initial response reside at the local level; if a given incident overwhelms or threatens to overwhelm local responders, then steadily higher levels of government can step in. We could apply these principles to allocating responsibility in cyberspace -businesses and organizations remain responsible for securing their own networks, up to a point. But if it becomes clear that a nation-state is involved, or even if the federal government merely suspects that a nation-stat is involved, then the federal government would start bringing its capabilities to bear.” (Michael Daniel, 2017)

Daniel’s statements echo Trillium’s beliefs, that no business or organization should lack preparation for a cyber-attack. Waiting defenseless until an incident occurs and then depending on the government to take care of the situation is not only risky, but irresponsible. If the damage caused by the initial infiltration is severe enough, loss of wealth, privacy, and even life can occur. To this end, it is imperative that the world prepare itself for the future, for in an invisible environment in which countless threats lurk, no shelter is not an option.

Trillium takes Shanghai!

Last week Trillium’s CEO, David Uze, was the keynote speaker at the second Asia Intelligent Connected Vehicle Conference and Expo 2017 in Shanghai! We wish to send out our warmest thanks to all those involved in organizing such a great event.

View post on imgur.com

 

View post on imgur.com

View post on imgur.com

View post on imgur.com

Trillium in the news!

Following our presentation at Nedo last month, we’re being featured in an article by Pr table!
https://www.pr-table.com/JOIC/stories/590

dcf81f0949d498e89f24546f4edd58718721eea5

East Asia’s Hidden Threat: Unit 180

With cybersecurity experts across the globe scrambling to recuperate after the WannaCry attack earlier in May, suspicions have begun to fall onto the Democratic People’s Republic of Korea. Dozens of publications, including The Japan Times have published articles focusing on North Korea’s cyber spy programs.

Given special attention recently is a sector called Unit 180, a special cell in North Korea’s spy agency suspected of carrying out some of the largest cyber-attacks in the past decade. These include a cyber-heist on the central bank in Bangladesh and an infiltration of Sony’s Hollywood studio in 2014. Despite the publicity these attacks received, Pyongyang has always been able to deny their involvement in them, leading to an inability to investigate them further.

A prominent reason for the difficulty in indicting the hackers rises from the fact that the hackers often perform their attacks from outside of North Korea, travelling to China or other Southeast Asian countries under the premise of other business. These countries often have superior internet infrastructures than North Korea, a side-effect of their closed-off nature. From that position, they can attack computers all around the world, and with remote IP addresses no less. This problem highlights the need for not only a strong defense when it comes to cyber security, but also a swift and potent rebuttal. In order to truly be safe from future attacks, Trillium has poured time and effort into the development of our SecureIXS platform, giving us the much-needed ability to aggressively counterattack in the case of an intrusion. Not only is such functionality critical to securing users’ life and liberty, it is also instrumental in ensuring that perpetrators can be held accountable for their crimes.

In an age where dangerous military secrets could be plundered in a cyber-attack, this level of anonymity is a threat that cannot be left unaddressed. For as long as malicious entities such as Unit 180 exist, further investment and development of cyber defense is an avenue all nations must prioritize, lest that malice turn to open, unrestrained aggression.

Threats Lurking Beneath the Surface: The Rise of Cryptocurrency Snakes

With the world’s focus on the recent aggressive cyber-attack endemic, a subtler, yet equally terrifying threat has begun to emerge. WannaCry represented the brutal, blow-like impact a cyber-attack can have, directly assaulting the lives and livelihoods of people across the globe. This attack is drawing mass media attention, as it affects thousands of people worldwide, and prioritizes making itself known, forcing the afflicted user to either pay a ransom or settle for having their devices locked. What has failed to receive its due attention, however, is the snake known as Adylkuzz.

In contrast to WannaCry’s brash, up-front demand of a ransom in exchange for unlocking a system, Adylkuzz is a background cryptocurrency miner. It infects a device and uses it to mine Monero, a cryptocurrency similar to Bitcoin. This process is very computationally intensive, and as such results in loss of performance for both the devices and the servers they are connected to. These symptoms can often be attributed to simple problems, such as high internet traffic. The problem therein lies in that this kind of attack can continue indefinitely, without the user being explicitly aware that an issue exists. The average user could be a host for Adylkuzz for weeks and not even notice the drop in performance.

WannaCry is to a tornado as Adylkuzz is to a poisoned water supply. While the former openly draws the attention of those that it devastates, the latter allows the victims to proceed with their everyday routines with little to no idea that a problem exists in the first place. In fact, an article by proofpoint claims that Adylkuzz has been in play even longer than WannaCry, having begun shortly after the EternalBlue exploit was leaked.

“…it should be noted that the Adylkuzz campaign significantly predates the WannaCry attack, beginning at least on May 2 and possibly as early as April 24.” (proofpoint, May 15th 2017)

This threat, while on the same scale as WannaCry has received little media attention despite being present since early May. While the fear of open attacks keeps the public occupied, this kind of subtle attack has the chance to make its way into our systems.

The cybersecurity community needs to work hard to ensure that our networks and devices are secured, as when it relates to cyber-attacks, the absence of evidence is not the evidence of absence. Strong, flexible, and easily updateable security solutions like those developed at Trillium are a necessity not only to protect users from the threats they can see, but also the ones they can’t. The importance of swift preemptive action cannot be denied, as indeed an ounce of prevention is worth a pound of cure.

Cybersecurity and the Law

With the pressing issue of cybersecurity being brought into the public eye again as a result of last week’s WannaCry attack, lawmakers have been taking steps to see that laws are put into place to thwart similar incidents in the future. In a recent article by The Hill, Governor Terry McAuliffe is quoted in his dissatisfaction with congress’ approach to cybersecurity.

“I have been very public in my displeasure with the Congress,” McAuliffe said. “We don’t even have a committee [in] Congress today on cybersecurity. It is spread through many different committees — nobody will give up jurisdiction to come together.” (The Hill, May 17th 2017)

The governor’s words highlight the lack of concern for cyber defense in both chambers of congress up until now. As the fear of future large-scale cyber-attacks spreads, so does the pressure on lawmakers to begin enforcing regulations concerning state-level cybersecurity. As the chairman of the National Governors’ Association, Gov. McAuliffe is striving to establish basic minimum cybersecurity protocols that all states must abide by, with penal retaliation in the event of negligence on a state’s part.

With the increasing demand for safety from cyber-attacks, lawmakers and other governmental entities will be picking up speed in their establishment of standards for cybersecurity. Organizations such as the Society for Automotive Engineers (SAE) are already working in tandem with cybersecurity companies like Trillium to establish standards to protect automobiles and their drivers from cyber threats. The National Highway Traffic Safety Association (NHTSA) already dictates automotive safety measures through legislation, with safety policies for seat belts, airbags, brakes, and more.  It’s no stretch to say that the next major safety concern needing to be tackled in cars is cybersecurity, and to that end no small effort will suffice. The solutions must be potent, reliable, and dynamic enough to match speed with the ever changing environment of cyber-attacks, and Trillium is determined to provide those solutions.

Automotive Ransomware On The Rise

Not even a week has passed since the WannaCry incident began, and already cybersecurity experts around the world are voicing their concerns for the state of cyber defense today. In particular, attention has been brought to the possibility of a similar “ransomware” attack on automobiles, a potential threat dubbed “clampware.” News publications on both sides of the Atlantic have brought attention to this prospect, including coverage by Fox News’ Auto Tech column.

The idea of clampware comes from the notion that a car could be disabled through a cyber-attack, with the driver being ransomed into paying a sum in order to have control of the vehicle returned to them. It has already been shown that nearly all of an automobile’s functions can be controlled remotely by exploiting cracks in a car’s network connections. Software defects in a vehicle’s ECUs, radio, and wireless communication systems such as WiFi, Bluetooth, GSM, and 4G could be exploited to grant the attacker access to the car’s vital operation components.

In the event of such an attack, a driver could be left stranded on the road with no way to operate their vehicle unless they pay the ransom fee. If a driver is unable to pay the fee, it then begs the question of who’s responsibility it is to assist these drivers? Horrifyingly, even emergency vehicles such as ambulances, fire trucks, and police cars could be subject to such attacks. This has the potential to be a huge area of concern for car insurance companies and lawmakers alike, as standards for handling such scenarios will inevitably need to be put into place.

Not only is the integrity of the individual networks important, but so is the interconnectedness of the networks themselves. Services like Trillium’s SecureCAR that provide powerful encryption and authentication solutions for in-vehicle networks will rapidly become a necessity as cars become more integrated into the Internet of Things. As different forms of connectivity are added to the smart cars of the future, the number of attack surfaces that need to be protected increases at the same rate. To this end, static, unintegrated cybersecurity solutions will not hold up.

In a quote from professor Martyn Thomas, an IT expert at Gresham College, Financial Times brings to attention the necessity of speed in administering fixes to such problems. To reliably and efficiently keep an entire fleet of vehicles protected in such a constantly changing environment, smooth Over the Cloud updates such as those provided by Trillium’s SecureOTA are a necessity. The fixes need to be available as soon as an attack is discovered, and must be as un-intrusive as possible to minimize the disruption of customers’ everyday lives.

In the Wake of WannaCry

Last Friday gave the world a taste of the devastation a full-fledged cyber-attack can bring. Wannacry, as the ransomware attack has been dubbed, spread to over 150 countries, attacking individuals and corporations alike.

Even a Fortune 500 such as  Nissan was brought to its knees, as according to Business Insider, five of its plants had to stop production in the wake of this cyber-attack. The damage to the plants caused by this attack is almost ironic, as automotive plants are known to have very strict security measures in place when it comes to physical security. To protect the plant, anyone wishing to enter a plant often must be subject to metal detectors, searches, and other evaluations of their bodies and personal affects before being granted entry.

The devastation caused by this malware attack truly shows the importance of a layered approach. Corporations that focus on single layered defense, while neglecting others will find themselves at the mercy of attacks to their weak points. Trillium prides itself in its multi layered approach to cyber security, securing both the hardware and software aspects of in-vehicle networks. For example, our SecureIXS provides a strong firewall that repels any unwanted foreign messages from entering the network, while making use of AI-enhanced machine learning techniques to strengthen its defenses over time. This is further capitalized on with our seamless over the air updating schematic, allowing our products to always be ready to handle the newest cyber-attacks.

Seeing news like this further strengthens our determination to securing the world with our products, in the transportation space and elsewhere. This event serves as a harsh reality check for those companies that have neglected the importance of cybersecurity in protecting themselves, and we hope that this will motivate those corporations into taking preemptive actions to ensure a tragedy like this doesn’t reoccur.

Link to Original Article: http://www.businessinsider.com/renault-nissan-production-halt-wannacry-ransomeware-attack-2017-5

Autonomous-Drive Enabled Cities On The Rise – Cyber Security the enabling factor

With technology already at the point capable of enabling autonomous drive, the age of self-driving cars are now awaiting for the infrastructure to make it a reality. Some cities around the globe have already started to allow open-road testing of self-driving vehicles.

A recent piece from Motherboard explains the significant changes coming to the industry, that will evolve the current system.

The age of self-driving cars is indeed around the corner and with it, traditional businesses based off of human error, which will no longer be, will be faced with a significant model shift. “Self-driving vehicles have the potential to significantly disrupt the traditional auto insurance industry.” (PricewaterhouseCoopers, 2013).

The single biggest hurdle to overcome, to make this human error free, safer transportation landscape real  is undoubtably the deployment and development of cyber security to protect the systems that make it all possible.

This is the contribution that Trillium will play – to protect the infrastructure through an adaptive automotive cybersecurity subscription solution that will enable the security needed for autonomous drive solutions.  Paving the way for the the next generation of insurance policies.

Read the full story here

 

 

 

CONTACT US

CONTACT US TO LEARN MORE