These hybrid systems were built at times when cyber security was not in focus, neither were these systems threatened by being connected to a public network or by being the target.
This area is becoming more and more digital. Increasing IT-OT convergence allows a larger attack surface from cyberspace. However, these systems are typically not prepared for attacks. Legacy systems are in operation (containing very old tools), put together by various subcontractors. But in the meantime we have seen cases of specific cyber attacks, this topic certainly needs to be addressed. Attacks in this environment can have physical consequences and the solutions have to take into account the specific situation: real time requirements, safety requirements, availability requirements - all of which pose particular challenges. Companies that perform well in traditional methods in an office environment may not be good at this.
It's not just a Tesla problem: cars have had CAN bus / CAN networks since the 90s. Nowadays a modern car has 30-40 computers - they are basically networks on wheels. Cars have many interfaces to the outside world: bluetooth, wifi, 4g, RDS (radio data system), GPS, the latest trend is the spread of the ethernet. In addition, there are more local things on a car to be supervised electonically: wireless tire pressure monitoring (WTPM), keyless entry, V2X interface short range (direct short range communication - DSRC) and also via 5G. These all are attack surfaces.
IOT devices make our environment intelligent: home, city, factory, health etc. Small devices embedded in the environment: they sense and react to it, they are adaptive to their environment, and they can even communicate with each other via the internet or some kind of backend system. The consequences of their proliferation are twofold: 1) they are also vulnerable to attacks from the Internet 2) if attackers gain control over them, they can be used to build a single large-scale attack infrastructure to launch massive attacks against traditional Internet-based systems (banks, websites, any kind of online service). IOT devices should therefore be protected in the same way as traditional computers.
We have done a lot of scientific research on the subject, we have real experience in the domain.
We often build the devices ourselves and test the attack methods on them, so that the defence systems are based on real data.
We follow the latest, still evolving standards.
We also provide training in this area, if necessary. From awareness-raising to more specialised areas.
We make suggestions to manufacturers to correct potential vulnerabilities.
Educational, transparent and detailed report to upgrade your security posture
Professional excellence, customer oriented attitude
Follow-up, support, training and consulting as requested
We have real professional knowledge and industry experience
All our results are delivered with business usability in mind
Copyright 2021 Ukatemi Technologies LLC.