Skip to navigation Skip to main content Skip to footer

Research Blog

Insights and research from our global cybersecurity team.

Filter content

Reset filters

Cyber Security of New Space Paper

NCC Group’s Transport Security Practice has co-authored with the Surrey Center for Cyber Security and the Surrey Space Center a new paper titled ‘Cyber security in New Space’. It provides analysis of the threats, challenges and key technologies related to the satellite industry.


03 Jun 2020

UK government cyber security guidelines for connected & autonomous vehicles

The Department for Transport, in conjunction with Centre for the Protection of National Infrastructure (CPNI), has created eight key principles of cyber security for connected and autonomous vehicles. The guidance has been produced in response to the large (and growing) attack surface presented by connected and autonomous vehicle technology, as highlighted below: The guidance […]


08 Aug 2017

Vehicle Emissions and Cyber Security

Vehicle emissions and cyber security Recently Volkswagen admitted to installing “defeat devices” (software that manipulates the level of emissions of gases such as nitrogen oxide (NOx) from their vehicles during regulatory testing) in millions of its diesel cars. However, excessive levels of NOx are not the only concerning emissions from many of today’s vehicles – as more and […]


14 Oct 2015

Broadcasting your attack – DAB security

Digital Audio Broadcasting (DAB) radio receivers can be found in many new cars and are often integrated into what has become known as the “infotainment system” – typically a large screen in the dashboard that the vehicle occupants interact with to control anything from what music is playing, to making phone calls, to viewing vehicle […]


DARPA OnStar Vulnerability Analysis

In a report [1] by US TV show “60 Minutes” about DARPA [2] and the Internet of Things, the Department of Defence has shown that it can hack the General Motors OnStar [3] system to remotely control a last-generation Chevrolet Impala. DARPA has been investigating the cyber security of vehicle systems and many other embedded devices in […]


Launching the first in our series of Research Insights

NCC Group has the largest commercial security assessment team in the world, and so we have significant exposure to technologies across every sector. Therefore, we have decided to start a series of whitepapers, drawing from our experience, which will provide Research Insight into a selection of these technologies and sectors, highlighting some of the trends […]


19 Dec 2014

The facts about BadUSB

Introduction Since the BadUSB talk [1] by Karsten Nohl and Jakob Lell at Black Hat USA in August there has been much discussion about the implications of this class of USB attack. The discussions gained additional momentum when Adam Caudill and Brandon Wilson investigated the attack further and publicly released working code [2] at the […]


Spy-Pi: Do you trust your laptop docking stations?

Laptop docking stations are widely used in organisations, often in hot-desking environments. They provide a neat connectivity solution for workers who are semi-mobile and therefore use laptops rather than desktop PCs. However, laptop docks are an attractive target for an attacker. They have access to the network, to all the ports on a laptop, often […]


Lessons learned from 50 USB bugs

USB hosts are everywhere – laptops, TVs, tablets, car infotainment systems, even aeroplane seat-backs. All of these hosts need to understand the capabilities of devices that are connected to them – a process is known as enumeration. It is basically a conversation between the device and the host upon insertion to agree on what functionality […]