In this episode, Kate dives into the latest automotive cybersecurity headlines — from wireless tire pressure monitoring vulnerabilities to supplier ransomware and SBOM validation breakthroughs. She unpacks critical issues affecting OEMs, Tier 1 suppliers, and dealerships, while highlighting the real-world implications of Bluetooth Low Energy attacks, supply chain risks, and continuous software validation.

Whether you’re an engineer, cybersecurity practitioner, or dealership IT lead, this episode delivers a fast-paced, expert breakdown of what’s shaping the automotive security landscape right now.

• TPMS (Tire Pressure Monitoring Systems) still transmit unencrypted signals, leaving room for spoofing and tracking vulnerabilities.
• Supplier cyber incidents, such as those impacting Jaguar Land Rover, show how attacks ripple through the entire automotive supply chain.
• Bluetooth Low Energy (BLE) weaknesses continue to expose vehicles to unauthorized access — secure pairing and token rotation are essential.
• Ransomware groups like Akira are increasingly targeting distributors and service providers within the automotive ecosystem.
• Continuous SBOM validation and integration with threat intelligence are key to proactive risk management under ISO/SAE 21434 and UNECE R155.
• Machine learning intrusion detection systems (IDS) show promise but require realistic datasets and careful tuning to avoid false positives.

(01:29) Wireless threats to tire pressure monitoring systems (TPMS)

(06:00) Supplier cyberattacks disrupting Jaguar Land Rover’s production

(08:30) Pen Test Partners’ guide to hacking Bluetooth Low Energy

(11:00) Ransomware attack on Harbor Diesel & Equipment

(13:42) Advances in SBOM validation and continuous vulnerability management

(17:25) Machine learning intrusion detection for the Internet of Vehicles

(20:32) Practical takeaways for OEMs, suppliers, and dealerships

(23:50) Community questions and call for industry collaboration

• Automotive Cybersecurity Standards: ISO/SAE 21434
• UNECE Regulation No. 155 – Cybersecurity and Cybersecurity Management Systems
• UNECE Regulation No. 156 – Software Updates
• Pen Test Partners – Practical Guide to Hacking BLE
• Ransomware.live – Akira Group Listing
• Kaspersky: A Decade of Vehicle Hacks Report

If you enjoyed this

In this episode, John speaks with a cybersecurity expert Karl Schlaugh about the rising cyber threats in the automotive industry, the challenges of securing vehicles, and the impact of regulations on automotive cybersecurity. They discuss various attack vectors, the importance of patch management, and the role of regulations in enhancing vehicle security.

• Cybercriminals target the automotive supply chain to amplify their reach.
• The automotive industry's long patch lifecycle makes it a lucrative target for cybercriminals.
• Regulations like UN ECE 155 and 156 are positively impacting automotive cybersecurity by requiring vulnerability management and encouraging transparency.
• The rise in cyber attacks on the automotive industry underscores the need for improved security measures and continuous monitoring.

1. "Cybercriminals always follow money. If you have malware running in a supplier, then you amplify your targets." - Karl Schlaugh
2. "The patch lifecycle in automotive is a hell of a lot longer, which is a good thing for cybercriminals." - Karl Schlaugh
3. "Regulations like UN ECE 155 and 156 are encouraging vulnerability management and transparency, which is very positive." - Karl Schlaugh

• (10:35) The long patch lifecycle in the automotive industry
• (16:50) Impact of regulations on automotive cybersecurity
• (24:10) Addressing cybersecurity in older vehicles
• (28:30) Key takeaways from the cybersecurity threat landscape report
• (36:17) Discussion on industry trends and future outlook
• (41:53) Monetary impact of cyber attacks on the automotive industry
• (43:31) Importance of reputation management for OEMs

• UN ECE 155 Regulation
• UN ECE 156 Regulation
• Automotive Cyber Threat Landscape Report 2023

Please leave us a rating and a review on Apple Podcast.

• LinkedIn

• ASRG
• LinkedIn

In this episode of the Security Breaks podcast, host John Heldreth welcomes Giuseppe Serio from Upstream Cybersecurity, a leading expert in automotive cybersecurity. The episode explores the latest developments in automotive cybersecurity, focusing on the Upstream Cybersecurity Threat Report for 2024.

Key Takeaways:

• Upstream Cybersecurity Threat Report 2024: The report provides a comprehensive overview of the latest threats in automotive cybersecurity, using data from VSOCs and external sources like the dark web. It serves as a key resource for industry professionals.
• The episode emphasizes the importance of responsible disclosure in cybersecurity research, focusing on safety and proper communication when dealing with sensitive information.

Quotes:

• "VSOCs play a crucial role in monitoring, detecting, and responding to cyber threats in real-time. They're essential for maintaining the security and safety of connected vehicles."
• "Responsible disclosure is key in the cybersecurity industry. It’s not just about finding vulnerabilities; it's about ensuring that the information is handled properly to avoid potential risks to public safety."

Timestamp:

(1:55 - 2:21): Discussion about Upstream's annual automotive cybersecurity threat report, which details the threats faced by the industry and its impact on the safety of vehicles and their operations.

(2:31 - 2:40): John discusses the length and comprehensiveness of the report, emphasizing its importance in providing insights into threats and the potential challenges facing the automotive industry.

(5:19 - 5:34): Giuseppe elaborates on the shift from calling it "Automotive SOC" to "VSOC," emphasizing that the concept has evolved from focusing on individual vehicles to the broader fleet and ecosystem.

(12:23 - 12:40): Discussion of the internal and external sources Upstream uses for research and threat intelligence, including their dedicated research team and the various sources used to compile the report.

(13:07 - 13:41): Giuseppe outlines the process of compiling the cybersecurity threat report, mentioning the significant effort and resources involved in gathering and analyzing the data to ensure accurate and comprehensive insights into the automotive cybersecurity landscape.

About the Guest:

Giuseppe is a cybersecurity expert specializing in the automotive industry. He brings a deep understanding of cybersecurity issues specific to the automotive sector, discussing topics like over-the-air (OTA) updates, electric vehicles (EVs), and autonomous driving technologies. Giuseppe's insights reflect a comprehensive grasp of current trends and emerging threats in automotive cybersecurity.

Connect with Giuseppe Serio:

LinkedIn: Giuseppe Serio

Website: Upstream

Connect With ASRG:

• ASRG Website
• ASRG Facebook Page
• ASRG LinkedIn

Download report here: