With the emergence of autonomous vehicles, a research firm revealed that there had been cases of widespread IoT (Internet of Things) -focused cyberattacks among transport and automotive organizations in the past 12 months.
According to research by digital platform security experts Irdeto, 77 percent of these organizations experienced IoT-focused cyberattacks which caused operational downtime, and compromised customer data or reputational damage.
The study revealed that only six percent of the respondents indicated that they have the necessary means to address cybersecurity challenges.
However, the survey revealed that 98 percent of the respondents agree that a security solution should be an enabler of new business models, which indicates that perception of IoT security is becoming positive within auto organizations.
“Despite the challenges and threats outlined by this study, it’s clear that the attitude toward security in the transport industry is on the right track,” said Niels Haverkorn, Irdeto general manager for connected transport.
“Through robust security, transport and automotive organizations can construct a foundation that not only realizes the benefits of fully connected and autonomous vehicles, but also enables profitable new business models. Through this approach, they will be able to balance safety, convenience, and customization throughout their business and products,” he added.
Although the mindset on security is quite positive among the organizations, the research also showed that 84 percent of the security decision makers in the transport industry of China, Germany, Japan, United Kingdom, and United States are either “very or fairly concerned” that their organizations’ IoT devices are being targeted by cyberattacks, hacking incidents or cases of security breach.
“The benefits of connectivity for today’s automobiles are clear, allowing greater mobility services to be brought to drivers; and inevitably to passengers of autonomous vehicles of the future,” said Dr. Clifford Liem, Irdeto technology director for connected transport.
“However, the underlying understanding for all is that technology cannot be implemented safely without robust security in place. Organizations must adopt a defense-in-depth approach to cybersecurity with many layers of security being implemented throughout, rather than simply protecting systems from the outside-in. This applies to both the organization itself and to connected vehicles they develop,” he said.
In terms of IoT devices, a majority of security decision makers working in transport organizations stated that the software of IoT devices is the most vulnerable element (39 percent), while 13 percent said that the infotainment system has the most prominent cybersecurity vulnerabilities.
The research also revealed that 31 percent of security decision makers said that their organizations have not implemented software protection technologies yet, while only 50 percent said that their organizations have implemented mobile-app protection and only 44 percent ensure that security is part of the product design lifecycle process. It said that it could be a problem if the product is a vehicle itself.