One In Five Vehicle Software Vulnerabilities Are ‘Hair On Fire’ Critical

Long-time Slashdot reader chicksdaddy quotes a report from Security Ledger:

One of every five software vulnerabilities discovered in vehicles in the last three years are rated “critical” and are unlikely to be resolved through after the fact security fixes, according to an analysis by the firm IOActive. “These are the high priority ‘hair on fire’ vulnerabilities that are easily discovered and exploited and can cause major impacts to the system or component,” the firm said in its report…

The bulk of vulnerabilities that were identified stemmed from a failure by automakers and suppliers to follow security best practices including designing in security or applying secure development lifecycle (SDL) practices to software creation… The result is that vehicle cybersecurity vulnerabilities are not solvable using “bolt-on” solutions, IOActive concluded…

The article argues we’re years away from standards or regulations, while describing auto-makers as “wedded to the notion that keeping the details of their systems secret will ensure security.”


Share on Google+

Read more of this story at Slashdot.

Clip to Evernote

Leave a Reply

Your email address will not be published. Required fields are marked *