Mitigating the four major areas of cyber risk in the automotive sector

28th October 2019

Stuart Reed
VP Products

Back in 2015, two researchers hacked a connected Jeep Cherokee in a sophisticated attack enabling them to remotely control the steering, brakes and other key functions of the vehicle. This ground-breaking study was a wake-up call for an industry heavily investing in digital technologies to drive competitive differentiation and growth. But while 250 million connected cars are predicted to be on our roads by 2020, automotive makers must also consider the enterprise-wide threat to cyber security in four key areas.

In doing so, there’s a new and important role for DNS in helping to provide the visibility and control they need to keep threats at bay. If left unchecked, it’s a problem which could end up costing the industry as much as £19bn by 2023.

Going digital

Digital transformation is at the heart of automotive sector growth, helping to drive an industry worth an estimated £82bn annually in the UK. The complexity of modern cars is astonishing. The average vehicle is said to contain in excess of 150 million lines of code: three times that of the Hadron Collider. But this complexity and tech innovation stretches to all parts of the industry.

It includes the complex manufacturing machinery, operational technology (OT) and Internet of Things (IoT) systems which help to produce vehicles on the factory floor. The IoT in particular is said to be driving “transformational change” in the industry. Innovation is also seen in the cutting-edge 3D printing machines that play an increasingly important role in this manufacturing process. Back-end cloud systems also play a key role in helping to process and analyze data and support engineering, admin, finance and other staff.

Four areas of risk

However, with this digital expansion has come an increased exposure to online threats which could seriously impact the bottom line and corporate reputation, undermining innovation-powered growth. According to PricewaterhouseCoopers, there are four key areas of risk:

  • Factory machines: Internet connectivity exposes OT and IoT systems inside car manufacturing plants to the risk of remote attack. Hackers could theoretically sabotage key processes, hold carmakers to ransom by encrypting mission critical data, or even use unsecured endpoints to infiltrate corporate networks.
  • 3D printing: These systems are increasingly important to the prototyping and additive manufacturing process. But they’re also dependent on digital files which could be stolen by determined attackers.
  • Auto financing: The financial businesses which help customers pay for their vehicle in instalments are an often-ignored part of the automotive ecosystem. As these organizations collect large amounts of personal and financial data, they’re a major target for hackers.
  • Supply chain: The automotive sector has a large and complex supply chain. In the UK, over 2,500 companies provide everything from key internal and car body components to painting, assembly and inspection services. Many of these firms could be a target for data theft or sabotage given the crucial role they play in manufacturing and the sensitive IP they hold.

The impact of a serious cyber attack could result in data loss and service outages causing financial loss, production delays, lost competitive advantage and reputational damage. It’s no coincidence that 85% of global car executives polled by KPMG in 2018 argued that “companies not emphasising data and cyber security are at extremely high risk of sacrificing their brand reputation.”

Focus on the DNS

The question for automotive sector firms is how to mitigate these risks without impacting operations. This is where network detection and response, and the domain name system (DNS) come into play.

DNS plays a key role in every organization’s internet infrastructure, converting domain names into IP addresses so that machines and humans can communicate with each other online. Because it’s so important, DNS traffic is often whitelisted by firewalls, making it an ideal conduit for threats.

By compromising DNS servers, attackers can redirect unsuspecting users to malicious and phishing pages to spread malware and harvest sensitive information. DNS traffic can also be used to smuggle stolen enterprise data out of a target organization via “DNS tunnelling”, and for communications between command-and-control (C&C) servers and infected hosts. According to Cisco, more than 91% of cyber attacks use DNS in some form.

Nominet’s NTX solution provides automotive firms with the means to shine a light on suspicious activity. NTX spots known and unknown threats hidden inside large volumes of DNS traffic, automatically blocking attacks before they have had a chance to impact the organization. That’s the kind of proactive threat protection businesses need to mitigate risk, preserve corporate reputation and protect the bottom line without impacting performance.

Infographic: Driving a more secure future for the automotive industry

Download here