Cyber Security of New Space Paper
NCC Group’s Transport Security Practice has co-authored with the Surrey Center for Cyber Security and the Surrey Space Center a new paper titled ‘Cyber security in New Space’. It provides analysis of the threats, challenges and key technologies related to the satellite industry.
UK government cyber security guidelines for connected & autonomous vehicles
The Department for Transport, in conjunction with Centre for the Protection of National Infrastructure (CPNI), has created eight key principles of cyber security for connected and autonomous vehicles. The guidance has been produced in response to the large (and growing) attack surface presented by connected and autonomous vehicle technology, as highlighted below:
Vehicle Emissions and Cyber Security
Vehicle emissions and cyber security Recently Volkswagen admitted to installing “defeat devices” (software that manipulates the level of emissions of gases such as nitrogen oxide (NOx) from their vehicles during regulatory testing) in millions of its diesel cars. However, excessive levels of NOx are not the only concerning emissions from many of today’s vehicles – as more and […]
Broadcasting your attack – DAB security
Digital Audio Broadcasting (DAB) radio receivers can be found in many new cars and are often integrated into what has become known as the “infotainment system” – typically a large screen in the dashboard that the vehicle occupants interact with to control anything from what music is playing, to making phone calls, to viewing vehicle […]
DARPA OnStar Vulnerability Analysis
In a report [1] by US TV show “60 Minutes” about DARPA [2] and the Internet of Things, the Department of Defence has shown that it can hack the General Motors OnStar [3] system to remotely control a last-generation Chevrolet Impala. DARPA has been investigating the cyber security of vehicle systems and many other embedded devices in […]
Launching the first in our series of Research Insights
NCC Group has the largest commercial security assessment team in the world, and so we have significant exposure to technologies across every sector. Therefore, we have decided to start a series of whitepapers, drawing from our experience, which will provide Research Insight into a selection of these technologies and sectors, highlighting some of the trends […]
The facts about BadUSB
Introduction Since the BadUSB talk [1] by Karsten Nohl and Jakob Lell at Black Hat USA in August there has been much discussion about the implications of this class of USB attack. The discussions gained additional momentum when Adam Caudill and Brandon Wilson investigated the attack further and publicly released working code [2] at the […]
Spy-Pi: Do you trust your laptop docking stations?
Laptop docking stations are widely used in organisations, often in hot-desking environments. They provide a neat connectivity solution for workers who are semi-mobile and therefore use laptops rather than desktop PCs. However, laptop docks are an attractive target for an attacker. They have access to the network, to all the ports on a laptop, often […]
Lessons learned from 50 USB bugs
USB hosts are everywhere – laptops, TVs, tablets, car infotainment systems, even aeroplane seat-backs. All of these hosts need to understand the capabilities of devices that are connected to them – a process is known as enumeration. It is basically a conversation between the device and the host upon insertion to agree on what functionality […]