In the world of autonomous and connected vehicles, you can't have true safety unless you have cybersecurity.
That's the message from Ami Dotan, CEO of Karamba Security, a Bloomfield Hills, Michigan, company that provides embedded cybersecurity for connected systems.
To help identify vulnerabilities, Karamba is creating replicas of automotive electronic control units that are intentionally left unprotected and open to hackers. The company then tracks attempted cyberattacks worldwide using a tool called ThreatHive.
A test this week generated nearly 12,000 attack attempts in just 24 hours, Dotan said Wednesday at the seminars.
"One ECU eventually was compromised by the hacker using a protocol which, if legitimate, allows OEMs or Tier 1s to change the code. Basically, it was impersonation."
Karamba terminated the attack as it was underway, but Dotan said the exercise proves his point: "Connected vehicles are prone to be attacked, just like any other thing.
"Connectivity benefits the users but on the other hand has to be protected," he said.
Dotan stressed that cybersecurity should not be treated as an afterthought or an aftermarket issue. "It has to be understood that this has to be built in. It's not an add-on.
"Not everybody sees it this way," he said. "But we are still striving to make the market more and more educated that this is a must."