David Barzilai, chairman of Karamba Security of Hod Hasharon, Israel, said the Pen Test hack did not surprise him. Security hackers never cease trying to break into any unprotected access to any connected device, he said.
Karamba has gathered intelligence on hacking activity by setting up what Barzilai calls “honey pot” decoys, connected to the Internet with no security protection or with easily guessed passwords. He said that within a month, each decoy recorded more than 300,000 hacking attempts.
All those attempts were almost certainly carried out by automated means. Hackers don’t necessarily know what kind of device they’re breaking into, Barzilai said. But once robotic hackers gain access to a device, any device running sophisticated programs such as those used in vehicles would become targets, he said.
Karamba’s security technology will go into its first mass-produced vehicles later this year, Barzilai said. He declined to disclose the OEM customer.
Monique Lance, marketing director for another Israeli supplier, Argus Cyber Security of Tel Aviv, said she was aware of the Pen Test hack. Argus is part of Elektrobit, which is owned by the global Tier 1 supplier Continental AG.
“It’s just another example of how increased connectivity is exposing OEMs to higher and higher risks,” Lance said. “It’s a warning signal for all the OEMs.”