MES Security: What can we learn from the Volkswagen Recalls?
[download]Download the BEST PRACTICES FOR DEVELOPING AN ENGAGING SECURITY AWARENESS PROGRAM whitepaper[/download]
I decided to write this article right after the news about Chrysler’s recall of cars affected by software vulnerability No doubt you had heard about hackers who hijacked a Jeep as this incident was covered by all the top media. I’d like to go deeper and assume that not this one, but similar security breaches may be a result of sophisticated cyber-attack. In theory, competitors could use the same techniques and insert vulnerabilities or backdoors into products intentionally. It looks like a script for a new episode of Mr. Robot, but another scandal related to Volkswagen proved that can be real and similar issues may become even more critical in the near future.
Let us first trace the history of vehicle recalls. Before I started collecting the information I expected to see a couple of examples in total, but I have found a dozen for the last several months alone! Here are the major recalls took place this only summer:
- July 08 – Japanese parts supplier Takata announced it is recalling 33.8 million vehicles in the U.S. because airbags could explode and send metal pieces flying at drivers and passengers. The faulty driver- and passenger-side airbags have been linked to at least seven deaths, including six in the U.S., and more than 100 injuries.
- July 8 – Ford recalled more than 400,000 cars in North America to fix a software bug
- July 9 – Honda recalled 4.5 million cars over exploding airbags
- July 13 – General Motors recalled 1.55 lakh cars in India.
- July 14 – GM