In an effort to provide new conveniences as well as meet physical security standards, many new consumer vehicles are offering more complex features. According to the recent "Connected Car Market (2013-2018)" report by ReportnReport.com, global connected car market shipments are expected to reach 59.86 million units and reach $98.42 billion by 2018.The introduction of features such as remote, self-diagnostics, satellite radios and built-in GPS systems, as well as features like keyless entry and ignition becoming common place, create a luxurious driving experience. However, these features which use integrated telecommunication and informatics systems called "telematics," can also introduce IT security consequences.
Veracode's "Connected Vehicles: Too Smart For Their Own Good?" infographic outlines many of the features vehicle manufacturers are developing, as well as the potential risks these applications can introduce. It includes recent examples of connected vehicles' vulnerabilities such as:
· Researchers at UCal hacked into telematics software to control engines, brakes, locks, alerts and more.
· Researchers at BlackHat 2011 unlocked and started a Subaru Outback using only their smartphones.
· The Self Destruct Virus starts a 60-second countdown that ends with the virus turning off headlights, locks the doors, shuts down the engine and disables the brakes.
The infographic will also help car manufacturers and consumers navigate risks so they can improve the security of connected vehicles through the use of tools such as the Vendor Application Security Testing (VAST) program.
"The development of features meant to improve the auto-industry can also introduce security vulnerabilities that have the potential to cause harm or the loss of data," said Chris Wysopal, co-founder and CTO of Veracode, Inc. "Bottom line, smarter does not mean more secure, and information contained in vehicles should be treated much like data in a personal or corporate computer. As car companies continue to develop technology meant to make our lives easier, consumers need to be aware of the potential consequences, and car manufactures must take security into consideration throughout the development and implementation process."
The "Connected Vehicles: Too Smart For Their Own Good?" infographic is available for download from the Veracode website here: http://www.veracode.com/blog/2013/04/the-future-of-cars-connected-vehicles-infographic/. Interested parties can embed and share the infographic on their websites or blogs with attribution.
Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide representing Global 2000 brands. For more information, visit www.veracode.com, follow on Twitter: @Veracode or read the Veracode Blog.