SiriusXM breach unlocks, starts cars

Curry, who works for New York-based Yuga Labs, a blockchain-based software development company, is known in cybersecurity circles for his interest in automobile telematics.

In September 2022, a hacker reached out to Curry to show him how he had breached Uber’s backend systems and compromised the ride-hailing service’s Amazon and Google-hosted cloud environments where the company stores its source code and customer data.

The automakers and SiriusXM said no mishaps resulted from the potential security breach.

“Honda is aware of a reported vulnerability involving SiriusXM connected vehicle services provided to multiple automotive brands, which, according to SiriusXM, was resolved quickly after they learned of it,” Jessica Fini, a Honda spokeswoman, said in a statement. “Honda has seen no indications of any malicious use of this now-resolved vulnerability to access connected vehicle services in Honda or Acura vehicles.”

In a statement, SiriusXM Connected Vehicle Services said that “the issue was resolved within 24 hours after the report was submitted. At no point was any subscriber or other data compromised, nor was any unauthorized account modified using this method.”

Hyundai spokesman Ira Gabriel told Automotive News that the automaker worked with third-party consultants to investigate the vulnerability as soon as Curry and his team brought the security issues to their attention.

“Importantly, other than the Hyundai vehicles and accounts belonging to the researchers themselves, our investigation indicated that no customer vehicles or accounts were accessed by others as a result of the issues raised by the researchers,” Gabriel said.

To hack a Hyundai, Gabriel said one needed the email address associated with the account, along with the VIN and the script, or code, used by the hackers.

Nevertheless, Hyundai implemented countermeasures within days of notification to further enhance the safety and security of its systems, he said.

Curry told Automotive News that he thought automakers could make their smartphone applications more secure through standardization, but they each take separate approaches in developing their applications.

“This is a really complicated issue, but I’d like to think our research helped remedy some of them,” Curry said. “Developing industry standards and standardizing protocols would help.”

For all the latest Automobile News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.