Black Friday

BT launch new penetration testing service for connected cars

Ray Walsh

Ray Walsh

April 27, 2015

BT Group have launched a new security service that will work in partnership with the automobile industry to make sure that new systems which connect cars to the internet do not fall prey to cyber hacking.  BT’s new security team, called Assure Ethical Hacking for Vehicles (AEHV), will try to expose vulnerabilities within connected systems before cars go on sale by attempting to hack them, and will continue to offer services and support throughout the vehicle’s lifetime.

The launch of the new department happened last week at the RSA conference in San Francisco, and according to BT, was developed to help combat a problem that has been highlighted a number of times in the last year… when an American school boy managed to remotely start a car at a cyber-challenge event, for example, or the announcement by a law firm from Dallas that it was starting legal proceedings against three car manufacturers that had failed to adequately secure their vehicles’ systems from hackers.

Spotting an area where it can provide additional security expertise, BT has launched AEHV (which draws on the knowledge it has from running the systems that keep financial services secure), in order to help the automobile industry to sharpen up their systems. This will be achieved by allowing the ethical hackers to do penetration testing in the cars’ on board systems… imitating all possible methods of infiltration, and reporting vulnerabilities back to the automobile industry, while at the same time creating a set of standardized tests that can be used as a framework to continue making recommendations and improvements on an ongoing basis.

AEHV will look for problems in all possible ‘attack surfaces,’ beginning with those that are accessible within the vehicle (Bluetooth connections, USB ports, and on board DVD drive,) followed by external inputs such as internet connectivity and power plugs. The main aim will be to search for possible vulnerabilities that allow for system configuration settings to be altered or malware introduced.

‘The proliferation of [connected cars] raises concerns about the ability of hackers to gain access and control the essential functions and features of those vehicles, and for others to use information on drivers’ habits for commercial purposes without the drivers’ knowledge or consent, BT looks at the end-to-end security by testing and verifying all the systems that interact with the connected vehicle.’

Any remote systems that could pose a threat will be imitated, including maintenance engineers laptops, infotainment’ providers, and any other interlinked services from which malware could originate.

The team of white hat hackers will also look at possible ways to imitate attacks that could involve cyber criminals exploiting vulnerabilities within car systems to facilitate blackmail, or even remote car thefts – exploits which the UK’s government-led Trustworthy Software Initiative (TSI) says need to be monitored closely to guarantee the safety of in-car systems.

The TSI has already recommended that the main problem with in-car systems safety is poor software programming, and it is for this reason that BT has created this new service to find possible holes in on-board systems before they go on sale. BT intends for its service to be an important intermediary and advisory level between manufacturers and consumers who are going to become more reliant in the future on on-board internet connectivity,

‘BT is now extending [its] expertise to advise vehicle manufacturers, insurance companies and other players in the automotive industry, with the aim of identifying and fixing vulnerabilities before the keys of a new vehicle are handed to a proud owner.’

The TSI is convinced that road safety is going to be heavily influenced by on board systems in the future, and hopes that connected systems will have an important impact on the reduction of road incidents,  which are usually caused by human error  because of fatigue, bad decisions and inattention… and, with growing numbers of vehicles on the roads all the time, the TSI is convinced that connectivity and automated services which monitor a driver’s surroundings are the key to creating a safer road network in the future.

Vehicles that can, for example, communicate with one another by exchanging information about proximity and braking distances, and which can monitor road conditions and conditions, are all going to change the way we drive according to the TSI. This will take some of the pressure off the driver, and allow for the emergence of a new utopian age of road safety, which BT has cleverly placed themselves at the center of.

Your Information will never be shared with any third party.
Enter your email address to receive your Beginner's Guide to Online Security for Free
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the ebook:
Your Information will never be shared with any third party.
Enter your email address to receive your Ultimate Online Privacy Guide eBook!
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the eBook:
Special VPN Deal
Exclusive Offer
Get a Special Deal - 72% OFF!
With a biannual subscription
Exclusive Offer for Visitors!
50% Off Annual Plan
Limited Time Only
Exclusive price of
Exclusive Offer
Get NordVPN for only