Tiv Thaiv Lub Tsheb Hluav Taws Xob Thiab Software-Defined Car

Automotive hacks tau nce ntxiv thaum cov thev naus laus zis tshiab xws li hluav taws xob, kev tswj hwm tus kheej thiab / lossis … [+] software-txhais tsheb tau nthuav dav ntxiv rau qhov muaj peev xwm hem. Yog li cybersecurity zej zog sib ntsib los kawm, sib qhia thiab teb. (Duab los ntawm Sean Gallup / Getty Images)

Getty Dluab

"Putin yog ad *** taub hau. Glory rau Ukraine. "

Qhov ntawd yog dab tsi hacked hluav taws xob tsheb chargers nyeem nrog rau lwm yam ntawm cov neeg tsis taus them nqi chaw nres tsheb ze Moscow tsis ntev los no. Thiab ntau npaum li nws ua rau luag nyav rau lub ntsej muag ntawm ntau tus neeg thoob plaws ntiaj teb, nws qhia txog lub ntsiab lus tsim los ntawm ntau tus kws tshawb fawb thiab cov neeg tsim khoom uas tau sib sau ua ke lub lim tiam dhau los ntawm xyoo 2022 (ib lub rooj sib tham uas tsom mus rau kev sib sib zog nqus, kev txhim kho hauv tsheb cybersecurity txhua xyoo): tsheb hacks tau nce. Qhov tseeb, per Upstream Automotive tsab ntawv ceeb toom, qhov zaus ntawm cyberattacks tau nce 225% los ntawm 2018 txog 2021 nrog 85% ua nyob deb thiab 54.1% ntawm 2021 hacks yog "Black Hat" (aka siab phem) attackers.

Nyob hauv nruab nrab ntawm kev mloog ntau yam, cov lus ceeb toom tiag tiag ntawm lub rooj sib tham no, ob peb yam tau tshwm sim: muaj ob qho xwm txheej zoo thiab xov xwm phem raws li qhov xav tau ua kom pom tseeb hauv thaj chaw tseem ceeb no.

Cov Xov Xwm Tsis Zoo

Hauv nws cov ntsiab lus yooj yim tshaj plaws, cov xov xwm tsis zoo yog tias kev siv thev naus laus zis tsuas yog ua rau muaj feem cuam tshuam rau Hnub Ib txheej xwm ntau dua. "Lub tsheb hluav taws xob tau tsim cov thev naus laus zis ntau dua, uas txhais tau tias muaj ntau qhov kev hem thawj thiab kev hem thawj," said Jay Johnson, Tus Thawj Saib Xyuas Kev Tshawb Fawb los ntawm Sandia National Laboratories. "Muaj twb muaj 46,500 chargers muaj nyob rau ntawm 2021, thiab los ntawm 2030 lub khw xav tau qhia tias yuav muaj kwv yees li 600,000." Johnson tau mus piav qhia txog plaub qhov kev cuam tshuam tseem ceeb ntawm kev txaus siab thiab cov txheej txheem ua ntej ntawm kev txheeb xyuas qhov tsis zoo nrog rau cov lus pom zoo, tab sis cov lus tau meej meej: yuav tsum muaj "hu rau caj npab." Qhov ntawd, nws hais tias, yog tib txoj hauv kev kom zam dhau tej yam xws li Kev Tsis Txaus Siab Kev Pabcuam (DoS) tawm tsam hauv Moscow. Johnson hais tias, "Cov kws tshawb fawb txuas ntxiv txheeb xyuas qhov muaj qhov tsis zoo tshiab," thiab peb xav tau txoj hauv kev nthuav dav ntawm kev sib qhia cov ntaub ntawv hais txog qhov tsis txaus ntseeg, qhov tsis zoo thiab cov tswv yim teb kom tsis txhob muaj kev sib koom tes, kev tawm tsam thoob plaws hauv cov txheej txheem."

Lub tsheb hluav taws xob thiab lawv cov chaw them nqi cuam tshuam tsis yog tib lub thev naus laus zis tshiab thiab kev hem thawj. Lub "software-txhais lub tsheb" yog ib nrab-tshiab architectural platform (* arguably ua hauj lwm 15+ xyoo dhau los los ntawm General MotorsGM
thiab OnStar) uas qee cov tuam txhab lag luam tau mus rau kev tawm tsam billions nyiaj raug nkim ntawm tsis tu ncua redeveloping txhua lub tsheb. Cov qauv hauv paus koom nrog hosting ntau lub tsheb lub hlwb offboard, uas tso cai rau rov siv dua thiab hloov pauv hauv software tab sis kuj nthuav tawm cov kev hem thawj tshiab. Raws li tib daim ntawv tshaj tawm Upstream, 40% ntawm kev tawm tsam ob peb xyoos dhau los tsom rau cov servers rov qab. Juan Webb, Tus Thawj Coj ntawm Kugler Maag Cie ceeb toom, "Cia li tsis txhob dag peb tus kheej," muaj ntau qhov chaw thoob plaws hauv lub tsheb cov saw hlau uas muaj kev tawm tsam xws li kev tsim khoom mus rau kev muag khoom mus rau offboard servers. Txawm hais tias qhov txuas tsis muaj zog tshaj plaws nyob qhov twg yog qhov pheej yig tshaj los nkag nrog qhov cuam tshuam txog nyiaj txiag loj tshaj plaws, qhov ntawd yog qhov chaw hackers yuav tawm tsam. "

Hauv qhov no, ib feem ntawm qhov tau tham ntawm escar yog xov xwm phem-xov xwm zoo (nyob ntawm koj qhov kev xav) ntawm UNECE txoj cai yuav pib siv rau lub lim tiam no rau txhua hom tsheb tshiab: cov tuam txhab tsim khoom yuav tsum ua kom pom qhov muaj zog Cybersecurity Management System (CSMS) thiab Software Hloov Kho Kev Tswj Xyuas Txheej Txheem (SUMS) rau cov tsheb yuav tsum tau lees paub muag hauv Tebchaws Europe, Nyiv thiab Kaus Lim Kauslim thaum kawg. "Kev npaj rau cov ntawv pov thawj no tsis muaj kev siv zog me me," hais tias Thomas Liedtke, tus kws tshaj lij cybersecurity kuj los ntawm Kugler Maag Cie.

Lub Neej Zoo

Ua ntej thiab qhov tseem ceeb tshaj plaws, cov xov xwm zoo tshaj plaws yog tias cov tuam txhab tau hnov cov suab nrov nrov thiab tau pib tsawg tsawg los tsim kom muaj kev nruj nruj los tawm tsam cov yeeb ncuab Dub Hat uas tau hais tseg. "Nyob rau xyoo 2020-2022, peb tau pom qhov nce hauv cov tuam txhab xav ua Kev Ntsuam Xyuas Kev Nyuaj Siab thiab Kev Ntsuam Xyuas Kev pheej hmoo lossis TARAR
A," hais Liedtke. "Raws li ib feem ntawm cov kev tshuaj ntsuam no, cov lus pom zoo tau tsom mus rau cov kev tswj hwm kev tawm tsam nyob deb vim qhov no ua rau muaj kev pheej hmoo siab dua."

Thiab tag nrho cov kev txheeb xyuas thiab kev nruj me ntsis pib zoo li muaj txiaj ntsig. Raws li tsab ntawv ceeb toom muab los ntawm Samantha ("Sam") Isabelle Beaumont ntawm IOActive, tsuas yog 12% ntawm qhov tsis zoo uas pom nyob rau hauv lawv 2022 kev ntsuam xyuas nkag tau suav tias yog "Kev cuam tshuam tseem ceeb" piv rau 25% hauv 2016, thiab tsuas yog 1% yog "Critical Likelihood" piv rau. 7% nyob rau hauv 2016. "Peb tab tom pom tam sim no cov kev pheej hmoo kho cov tswv yim pib them," hais Beaumont. "Kev lag luam tau txais kev txhim kho zoo dua."

Puas yog txhais tau tias kev lag luam ua tiav? Yeej tsis yog. Johnson tau hais tias "Txhua qhov no yog cov txheej txheem txuas ntxiv ntawm kev ua kom tawv nqaij tsim tawm tsam kev hloov pauv cyberattacks," Johnson hais.

Lub caij no, kuv yuav ua kev zoo siab rau qhov kawg ntawm cov xov xwm zoo uas kuv khaws cia: cov neeg Lavxias teb sab hackers tsis khoom nyiag khoom Lavxias ntau dua li kuv qhov kev tshaj tawm xov xwm.

Tau qhov twg los: https://www.forbes.com/sites/stevetengler/2022/06/28/cybersecurity-risks-protecting-the-electric-and-software-defined-car/