Wednesday, December 9, 2015

Your car can be hacked, but you can't denounce the manufacturer

Unless the car suffer damages or an accident, you can't denounce the car manufacturer only because it has software failures. This is the judgement dictated by a judge in the United States and we recommend it today as the interesting new of the day. We'll also talk about an initiative of the same government to ensure the critical infrastructures, and a training exercise about cybersecurity for insurers. We'll finish with the bravery of a bank that refused to pay the blackmail of a cybercriminal. 

Image courtesy of Kaspersky Lab
The companies Ford, General Motors and Toyota had been defendant because different models of their cars had software failures that can be used by a hacker to take the remote control of the vehicle. The judgement says that, although it can happen, it hasn't happened yet,  and he can't sentence the companies for something that hasn't happened. We'll see if this judgment applies in the rest of the World. We suspect it would.

Free Pentesting

Meanwhile, the government of this country is getting prepared in cybersecurity, after the attack against their data base that affected to millions of public employees. A few weeks ago we knew the department of interior has been auditing their systems and creating rules to securize them. Now we know they compromised to give "petestings" to all the companies related to critical infrastructures. We'll see what the security industry thinks, whom theoretically lose clients with this measure. We suspect that, to the contrary, they'll win clients.

Insurers insured

And to demonstrate that EEUU is ahead in cybernetic terms, we indicate the main health insurers of the country, whose clients sum the 60% of the population, because they made recently a exercise of cybersecurity simulation which consisted in an attack to steal their databases. The most common situation in this world. We would like to see other countries and sectors making similar trainings, but we suspect we'll have to wait a long time. 

Not surrender to blackmailing

We finish telling the bitter end of a story: in mid November, a criminal stole the clients data base of an Arabian Emirates bank. We talked about this then, explaining the thief asked a blackmail of 3 million dollars in exchange of don´t publishing the stolen data. We also explained how the bank didn't accept the blackmail and the thief started to reveal some data, to prove he was serious. We have to emphasise we are talking about accounts that in some cases have 12 million dollars in deposit, making a total of 110 millions. Finally, we've seen how the bank didn't surrender and the criminal has published the entire database


Post a Comment