Many carmakers are adopting ‘over the air’ (OTA) software for their increasingly connected and autonomous cars. Does this mean that there is increase in the risk of hacker hijackers?
Two years ago, hackers showed that they could remotely take control of a Chrysler Jeep. Earlier this year, Tesla boss Elon Musk warned about the dangers of hackers potentially taking control of thousands of driverless cars. Speaking at a National Governors Association meeting he said, ‘ I think one of the biggest concerns for autonomous vehicles is somebody achieving a fleet-wide hack. In principle, if someone was to hack all the autonomous Teslas they could send them all to Rhode Island as a prank. That would be the end of Tesla, and there would be a lot of angry people in Rhode Island.’
Mr Musk was quick to insist that a kill switch would ensure that the driver was able to gain control of the car and cut any links to the servers.
As cars become more sophisticated, incorporating features such as lane keeping, automatic braking and self parking, their systems are connected to the internet and the amount of software needed to control these systems is increasing. Also, It is much easier to use online updates – rather than repair-shop visits – for both automakers and customers.
OTA updates give manufacturers the ability to respond quickly as problems arise. Chrysler was criticised for sending out USB sticks with updates to patch the Jeep. Critics pointed out that criminals could easily intercept the USB sticks and infect them with malware.
Research consultancy IHS Markit estimates that by 2022, 160 million vehicles globally will have the capability to upgrade their onboard computer systems over the air.
‘Ultimately, as cars have become more connected, it does potentially create a bigger target and hackers have always altered their techniques as technology changes,’ said Robert Moran, an expert in car connectivity and security at NXP Semiconductors. ‘The fact that we can provide over-the-air updates is a security feature in itself, as it gives us the ability to respond and make changes’
Consumer trust is crucial, so security is paramount.
www.bbc.co.uk./technews (6th October)
Microsoft appears to have abandoned its smartphone operating system ambitions after Joe Belfiore (chief of the company’s Windows 10) sent a tweet stating that developing new features and hardware for the Mobile version of the OS was no longer a focus. He also added that he had also switched to Android himself.
Mr Belfiore said that Microsoft would support the many companies that had adopted the platform in terms of bug fixes, security updates, etc.
Windows 10 Mobile tried to attract users by letting them run the same ‘universal apps’ on both their PCs and handsets, but the concept failed to catch on. It has been reported that there wasn’t a wide range of devices running Windows 10 Mobile thus making it unattractive to retailers or operators. Consumers had reported that the operating system didn’t provide as good an experience as Android or iOS.
Mr Belfiore posted Microsoft had tried “very hard” to incentivise other companies to release universal apps – even writing their software for them in some cases – but the number of users had been too low for most to bother.
bbc.co.uk/technews (10th October 2017)
Microsoft has confirmed that some users of Outlook are unable to send emails or access their accounts.
Hundreds of users from around Europe have commented on the website Downdetector that they have been affected by the problem.
A common issue seems to be that emails remain in the draft folder and are not being delivered to recipients.
‘Intermittent connectivity is affecting customers in some European countries, which we are working to resolve as soon as possible,’ said a Microsoft representative. They are monitoring the environment while connectivity recovers.
www.bbc.technews (19th September)
A Russian-funded campaign to promote divisive social and political messages on its network has been discovered by Facebook. Approximately, £77,000 has been spent on over 3000 ads over a two year period.
The adverts did not back any political figures specifically, but instead posted on topics such as immigration, race and equal rights. Facebook has said it is co-operating with a US investigation into the matter. The advertisements were in breach of Facebook’s terms and conditions and spread false information to around 470 accounts
“The ads and accounts appeared to focus on amplifying divisive social and political messages across the ideological spectrum,” the company said in a blog post published on Wednesday.
The company said it believed, but could not independently confirm, that the accounts were created by the so-called Internet Research Agency, a St Petersburg-based group known for posting pro-Kremlin messages on social media.
The accounts in question have now been shut down.
www.bbc.co.uk/technews (7th September 17)
Emoticons were once thought to be the way forward in providing the world with a global language – one capable of crossing cultural borders. The reality, however, has proved to be rather to the contrary.
Even the most familiar emoji of a grinning face, can look very different on different devices or operating systems – and can be interpreted in different ways by a variety of cultures.
Intercultural expert and professional business coach, Alyssa Bantle, believes companies should be wary of their use in written communication. The advice of the experts is to use them sparingly – if at all. there is not a universal understanding of what many of the emoji mean ad it is very easy for them to be misinterpreted. A toothy grin on Windows was rated as emotionally positive while the same symbol on Apple looked more like a grimace to some.
Some emoji’s can quickly communicate the positive or joking tone of a statement – but different cultures read those faces differently – especially in regard to levels of formality and what is appropriate in workplace written communication.
In Zimbabwe there is a notable difference in larger versus smaller companies. In larger companies communication is traditional and formal. Protocol in meetings and emails is considered essential. Smaller companies are more informal and communication is frequent.
Some German companies, and in Indonesia, written communication style is formal where titles are used and last names. Using first names might seem friendly – but can be interpreted as a lack of respect – so emoji’s can only add to the complication.
In Latin American cultures, like Mexico, communication is also wordy, indirect and formal. This style shows politeness and respect.
It is so important that one considers deeper cultural issues when choosing how to get a message across. An emoji may not be appropriate even if it seems innocent and friendly. There is a fine line between the use of social media and the communication between colleagues at work. One needs to be clear about what is acceptable and appropriate for communication at work and at a business level.
NHS Lanarkshire was attacked by a new variant of Bitpaymer last week. The cyber attack led to some appointments and procedures being cancelled. Staff worked over the weekend to reinstate IT systems, and are trying to establish how the malware was able to infiltrate the network without being detected.
This infection shows how disruptive Ransomware can be. It encrypts the data it finds on a host computer so that it can no longer be accessed, and then demands payment, often in Bitcoin, for its release.
This type of cyber attack can happen at anytime – to anyone. The people who carry out these disruptive acts are opportunists. We should all aim is to make their job harder – by making sure we have strong passwords in place, and by backing up all files.
Most malware looks like it has come from a trusted source. A simply click on a link is enough to cause widespread disruption. Being prepared with as many security measures in place, as well as being vigilant and alerting colleagues to any unusual e-mails etc, is the way forward.
There are many examples of individuals and organisations that have chosen to part with their cash – but there is no guarantee that by paying the ransom you will get your files/data back.
You are most welcome to give one of our consultants a call – to check that all has been done to keep a cyber attack at bay. Be prepared and be safe.
ADECS-Maple – 024 7699 5930