Security Breaks – Weekly News Edition

27/10/2025 23 min Episode 4

Episode Synopsis

In this episode, Kate dives into the latest automotive cybersecurity headlines — from wireless tire pressure monitoring vulnerabilities to supplier ransomware and SBOM validation breakthroughs. She unpacks critical issues affecting OEMs, Tier 1 suppliers, and dealerships, while highlighting the real-world implications of Bluetooth Low Energy attacks, supply chain risks, and continuous software validation.

Whether you’re an engineer, cybersecurity practitioner, or dealership IT lead, this episode delivers a fast-paced, expert breakdown of what’s shaping the automotive security landscape right now.

Key Takeaways

TPMS (Tire Pressure Monitoring Systems) still transmit unencrypted signals, leaving room for spoofing and tracking vulnerabilities.
Supplier cyber incidents, such as those impacting Jaguar Land Rover, show how attacks ripple through the entire automotive supply chain.
Bluetooth Low Energy (BLE) weaknesses continue to expose vehicles to unauthorized access — secure pairing and token rotation are essential.
Ransomware groups like Akira are increasingly targeting distributors and service providers within the automotive ecosystem.
Continuous SBOM validation and integration with threat intelligence are key to proactive risk management under ISO/SAE 21434 and UNECE R155.
Machine learning intrusion detection systems (IDS) show promise but require realistic datasets and careful tuning to avoid false positives.

Quotes

“Safety signaling that can be faked is a problem. When drivers start to ignore warnings, we’ve already lost the battle.”
“If your dealer network still relies on flat networks because printers — this is your sign to fix that.”
“Your SBOM program isn’t about paperwork. It’s about knowing what’s in your software so you can fix what matters.”

Timestamps

(01:29) Wireless threats to tire pressure monitoring systems (TPMS)
(06:00) Supplier cyberattacks disrupting Jaguar Land Rover’s production
(08:30) Pen Test Partners’ guide to hacking Bluetooth Low Energy
(11:00) Ransomware attack on Harbor Diesel & Equipment
(13:42) Advances in SBOM validation and continuous vulnerability management
(17:25) Machine learning intrusion detection for the Internet of Vehicles
(20:32) Practical takeaways for OEMs, suppliers, and dealerships
(23:50) Community questions and call for industry collaboration

Referenced Links

Automotive Cybersecurity Standards: ISO/SAE 21434
UNECE Regulation No. 155 – Cybersecurity and Cybersecurity Management Systems
UNECE Regulation No. 156 – Software Updates
Pen Test Partners – Practical Guide to Hacking BLE
Ransomware.live – Akira Group Listing
Kaspersky: A Decade of Vehicle Hacks Report

Please Leave Us a Rating and Review

If you enjoyed this