You just bought a new car…and it got infected with malware.
You wouldn’t like the sound of it. Neither would we. Certainly, the automaker you bought your new car from will never want to be in the news. However, just like the recent Equifax data breach, there is a good chance—or should we say there are more chances—of such hacks on the new car you bought. As hundreds of thousands of cars come equipped with that latest infotainment system that streams entertainment and information to your car directly, they become an attractive target for hackers.
Welcome to the Connected World
At Infoblox, we have the opportunity to work with customers from a variety of industries. Increasingly, we are engaging with auto manufacturers around the world. As global automakers move to the new era of connected cars to provide the best of breed experience their customers demand, there are multiple issues that surface with respect to network security on which their data centers, drivers, and the entire infrastructure depend on – i.e., the network has become critical business infrastructure more than ever before. In fact, your life may even depend on it when you are driving that connected car.
When we initially engage the network and security leaders from these market-leading automakers, we observe three things.
Auto manufacturers are looking to build resilient networks. The connected cars need always-on connectivity as more services become part of everyday usage. While this is not unique to the auto industry, the connection between network resiliency and drivers and passenger safety in every car is new to the auto industry.
Security is top of mind for every organization, but auto manufacturers face a unique risk factor. While most organizations think of security dangers as lost productivity or revenue, the dangers of hacked vehicles can lead to lost lives. Even one incident of a hacked connected car causing a driver’s death can severely damage the manufacturer’s brand. A safety recall associated with a cyberattack would likely be orders of magnitude more consequential than any other recall.
Flexibility and Cloud-First Future
Like most major organizations, auto manufacturers are moving to a cloud-first future. However, that transition is gradual, which means their on-premises infrastructure will coexist with their cloud infrastructure for a while, and that still needs to be secured. Hence, when they are discussing security, they are demanding a holistic approach to securing on-premises and cloud native applications and infrastructure. The scale of connected car ecosystem can lead to petabytes of data being collected, which will not only create complexities for operations but also make securing the infrastructure a lot more complex.
Our Take on Connected Cars and their Security Imperatives
While the majority of existing security solutions focus on end-points or firewalls, Infoblox focuses on securing the network from the DNS-core. While traditional defense in depth approaches are important, our customers have come to realize that DNS has become a choice for hackers because of lack of attention. Hence, our mission is to secure DNS.
Based on our experience, here are four considerations for auto manufacturers when implementing the connected cars initiative.
Read our eBook DNS Security for Dummies on how to mitigate DNS-based threats.
Think from the Network Core
It is extremely important to integrate core network services to be able to attain the necessary agility that is demanded by the connected world. Users need to have clear visibility on what devices are where to monitor and take action. Moreover, manufacturers will need to take advantage of the network intelligence that modern core network services offer, such as criticality of assets, historical activity, and where they are on the network.
Think Holistic Security
In an effort to be a cloud-first enterprise, automakers just can’t simply afford to have a disconnected security strategy for a connected cars ecosystem by adopting a security strategy that focuses on one of the available cloud options. The security strategy needs to be holistic and cover both on-premises and cloud infrastructure (public, private, and hybrid).
Be Proactive. Don’t Wait for the Breach to Happen.
Though this sounds like a common-sense approach, remember all the IT projects that need to get done. It is quite easy to get lost in a myriad of projects that may not have focus on the holistic security. But it is imperative to close all gaps and blind spots – DNS being one of them. Forward thinking carmakers are being proactive in their strategies and investing in DNS security to detect malware early, block advanced zero-day DNS threats that other traditional security systems can’t detect and share intelligence with existing security systems for faster threat response.
DNS security helps you comply with GDPR, the new data privacy regulation from the European Union. GDPR stipulates that enterprises must report a data breach no later than 72 hours after becoming aware of it. In this case, it is much better to take preventive measures to stop data breach.
Leverage Best-of-Breed, Curated Threat Intelligence Feeds
While an automaker’s own connected cars ecosystem may be large and have a lot of data, in the security world, the more the merrier. Automakers will need a platform that can bring in aggregated, real-time and accurate threat feeds that can help detect and contain malicious attacks proactively.
In a recent blog post, our CEO Jesper Andersen has laid out the need for collective intelligence to make the world a better place for everyone. As leading enterprises, car manufacturers have a great opportunity to lead the efforts by bringing their unique industry perspective to the security challenges.
Where to go from here?
As a major player in DNS Security space, Infoblox has keen interest in talking to you to help secure your DNS. Our ActiveTrust® Suite provides a holistic approach to your DNS security by covering on-premises and cloud (public, private, and hybrid) to help you become a cloud-first organization.