Connected vehicles – which can be passenger cars as well as trucks, buses, bulldozers or any other type of commercial vehicle – rely on a variety of connectivity options, including WiFi, 3G or 4G mobile data links, Bluetooth and other wireless technologies. These provide a range of new on-board features and value-added services, such as predictive systems to bypass traffic jams, reduce carbon emissions, improve safety and vehicle performance. Vehicles are also becoming more connected through electronic systems like navigation, infotainment, and safety monitoring tools.
The proliferation of these technologies raises concerns about the ability of hackers to gain access and control to the essential functions and features of those vehicles and for others to use information on drivers' habits for commercial purposes without the drivers' knowledge or consent. As with all other devices plugged into the "Internet of Things", security and integrity of data is of critical importance to prevent unauthorized access or remote hijacking of a vehicle.
BT has a strong, award-winning, global team of security specialists, including "ethical hackers", who provide a standardized method to test systems by imitating hacker attacks, reporting possible vulnerabilities and providing recommendations. BT is now extending that expertise to advise vehicle manufacturers, insurance companies and other players in the automotive industry, with the aim of identifying and fixing vulnerabilities before the keys of a new vehicle are handed to a proud owner. To ensure the car remains safe throughout its lifetime, BT will also offer ongoing support to maintain security against new and evolving threats.
BT Assure Ethical Hacking for Vehicles includes a range of tests targeted at the "attack surfaces" of the vehicle. These cover interfaces that are accessible inside the car, such as Bluetooth links, USB ports, or the DVD drive, as well as external connections such as links to mobile networks or power plugs. BT looks at the end-to-end security by testing and verifying all the systems that interact with the connected vehicle. The ultimate objective is to identify vulnerabilities that would allow unauthorized alteration of configuration settings or that would introduce malware into the car. These remote systems can include the laptops of maintenance engineers, infotainment providers, and other supporting systems.
Udo Steininger, Head of Assisted and Automated Driving at TUV SUD, said, "In a few years' time, the majority of vehicles that are produced will be connected to the Internet or other networks, either for navigation, maintenance, cooperative driving or entertainment purposes, and the driver will expect the same usability he is used to from his smartphone. This bears complex challenges for the automotive industry, as cars are equipped with a number of embedded systems that have not been designed to be connected to the outside world. The industry needs to join forces, including with suppliers, IT security specialists and certification bodies, to agree on a common approach to interfaces and security standards for the Connected Car."
Hubertus von Roenne, Vice President Global Industry Practices at BT Global Services, said, "Vehicles are now connected devices, confronting manufacturers and suppliers with a whole new world of security challenges. For example, we have seen cars infected with malware while connected to a power charging station – because nobody had expected this would be possible. We use the expertise and knowledge of our Ethical Hacking consultants to identify these vulnerabilities – before others do. BT has decades of experience in securing connected devices and embedded systems across various industries and we are very proud to now offer that experience to the automotive industry."
For further information:
All news can be accessed at our web sites: http://www.globalservices.bt.com/us/en/news and http://www.btplc.com/news
About TUV SUD
Headquartered in Munich, Germany, and founded in 1866, TUV SUD is one of the world's leading technical service organizations, with more than 20,000 employees across 800 locations, partnering with clients wherever they are in the world. More information on www.tuv-sud.com
BT is one of the world's leading providers of communications services and solutions, serving customers in more than 170 countries. Its principal activities include the provision of networked IT services globally; local, national and international telecommunications services to its customers for use at home, at work and on the move; broadband, TV and internet products and services; and converged fixed/mobile products and services. BT consists principally of five lines of business: BT Global Services, BT Business, BT Consumer, BT Wholesale and Openreach.
For the year ended 31 March 2014, BT Group's reported revenue was £18,287m with reported profit before taxation of £2,312m.
British Telecommunications plc (BT) is a wholly-owned subsidiary of BT Group plc and encompasses virtually all businesses and assets of the BT Group. BT Group plc is listed on stock exchanges in London and New York.
For more information, visit www.btplc.com
For more information on BT's Ethical Hacking expertise, visit www.bt.com/btassure/ethical-hacking
BT Security is building on 70 years' experience of helping organizations around the globe and across all sectors get ahead of the threat curve and reduce the uncertainty and complexity of security. We provide an end-to-end capability to help organizations enjoy higher levels of security at a time when security budgets are not keeping pace with the threat landscape.
The sophistication of our security operations means that we think about the assets, the people, and the processes, and combine these with both network and security intelligence to help our customers stay ahead of the security risks. BT Security protects both BT and its customers. These customers are advised by a global team of 2,000 security practitioners and professional services consultants. To find out more about BT Security, visit www.bt.com/security.