In this episode, Kate dives into the latest automotive cybersecurity headlines — from wireless tire pressure monitoring vulnerabilities to supplier ransomware and SBOM validation breakthroughs. She unpacks critical issues affecting OEMs, Tier 1 suppliers, and dealerships, while highlighting the real-world implications of Bluetooth Low Energy attacks, supply chain risks, and continuous software validation.
Whether you’re an engineer, cybersecurity practitioner, or dealership IT lead, this episode delivers a fast-paced, expert breakdown of what’s shaping the automotive security landscape right now.
Key Takeaways
- TPMS (Tire Pressure Monitoring Systems) still transmit unencrypted signals, leaving room for spoofing and tracking vulnerabilities.
- Supplier cyber incidents, such as those impacting Jaguar Land Rover, show how attacks ripple through the entire automotive supply chain.
- Bluetooth Low Energy (BLE) weaknesses continue to expose vehicles to unauthorized access — secure pairing and token rotation are essential.
- Ransomware groups like Akira are increasingly targeting distributors and service providers within the automotive ecosystem.
- Continuous SBOM validation and integration with threat intelligence are key to proactive risk management under ISO/SAE 21434 and UNECE R155.
- Machine learning intrusion detection systems (IDS) show promise but require realistic datasets and careful tuning to avoid false positives.
Quotes
“Safety signaling that can be faked is a problem. When drivers start to ignore warnings, we’ve already lost the battle.”
“If your dealer network still relies on flat networks because printers — this is your sign to fix that.”
“Your SBOM program isn’t about paperwork. It’s about knowing what’s in your software so you can fix what matters.”
Timestamps
(01:29) Wireless threats to tire pressure monitoring systems (TPMS)
(06:00) Supplier cyberattacks disrupting Jaguar Land Rover’s production
(08:30) Pen Test Partners’ guide to hacking Bluetooth Low Energy
(11:00) Ransomware attack on Harbor Diesel & Equipment
(13:42) Advances in SBOM validation and continuous vulnerability management
(17:25) Machine learning intrusion detection for the Internet of Vehicles
(20:32) Practical takeaways for OEMs, suppliers, and dealerships
(23:50) Community questions and call for industry collaboration
Referenced Links
- Automotive Cybersecurity Standards: ISO/SAE 21434
- UNECE Regulation No. 155 – Cybersecurity and Cybersecurity Management Systems
- UNECE Regulation No. 156 – Software Updates
- Pen Test Partners – Practical Guide to Hacking BLE
- Ransomware.live – Akira Group Listing
- Kaspersky: A Decade of Vehicle Hacks Report
Please Leave Us a Rating and Review
If you enjoyed this episode of Security Breaks, please take a moment to rate and review us on Apple Podcasts — it helps others in the automotive cybersecurity community discover the show.
Connect With ASRG (Automotive Security Research Group)
🌐 ASRG.io
📧 Contact: [email protected]