Japanese industrial giants NTT Communications Corporation and Denso Corporation have decided to start a business “to respond to the threat of increasingly sophisticated cyber-attacks against vehicles.”
NTT Communications is a global IT services company that is a member of the NTT Group (which confusingly also operates NTT Data, another global IT services company). Denso is an auto parts maker that’s part of the Toyota empire.
The two companies have collaborated on vehicle security for a few years now, with NTT Communications bringing its consulting expertise around technologies such as networking, cloud computing, and managed infosec services such as building security operations centres for clients. Denso has shared its knowledge of just what goes on inside a car.
Now the pair have decided the time is right to productise those efforts by creating a “Security Operation Centre for Vehicles” that will offer at least the following four services:
- Vehicle monitoring and cyber-attack detection by automating the acquisition of log output from communications, connected servers, and security devices installed within vehicles
- Detection of cyber-attack trends along with the details of actual attacks against vehicles on an individual or fleet-wide basis
- Analysis of cyber-attacks and threats by expert security analysts, reporting of results and forensic information that facilitates recovery and response efforts, and real-time visualization and alerting for customers through a client portal site
- Vehicle security monitoring on a global scale
The two companies haven’t offered details of who they expect will become customers of the above services. The Register has asked if the VSOC will target individuals, fleet owners, manufacturers, or some other market, and will update this story if we receive a substantive reply.
Whatever the target market, we do know that the two companies believe the time is ripe for a VSCO service because “the number of vehicles facing threats from sophisticated cyber-attacks continues to grow.”
The pair therefore believe it has become “necessary to monitor connected cars, detect and analyze attacks at an early stage, and take appropriate measures.”
If they get it right, the two orgs believe they’ll “contribute to the realization of a safe and secure mobility society.”
The need for third party security services for cars is hard to dispute, as in these pages we have recently reported a Bluetooth hack that makes it easy to steal a Tesla, a horrid Hyundai hack, and a hopelessly insecure Honda. our archives contain myriad other reports of crackable cars.
In the years since many of those stories were published, vehicles have become more connected, and more computerised, increasing attack surfaces and the likelihood of attack. ®