DNS Security – New imperative for connected cars and driver safety

You just bought a new car, and it’s already infected with malware.

You wouldn’t like to hear something like this.  Neither would we. Your car manufacturer especially wouldn’t want to end up in the news.  However, there is a good chance – or better yet – there are more chances your car will be exposed to such hacks.  As hundreds of thousands of cars come equipped with the latest infotainment system that streams entertainment and information to your car directly, they become an attractive target for hackers.

Welcome to the connected world

Infoblox has the opportunity to work with customers from a variety of industries and increasingly cooperates with car manufacturers around the globe. As global automakers enter the new era of connected cars and strive to provide only the best solutions to their customers, there are multiple issues impacting network security on which their data centers, drivers, and the entire infrastructure depend on. Network has become critical business infrastructure – more so today than ever before… In fact, your very life may even depend on it when you are driving a connected car.

When we initially started collaborating with network and security professionals from these leading car manufacturers, we’ve observed three main things:

• Resiliency

Automakers are looking to create resilient networks.  Connected cars need always-on connectivity as more and more services are deployed each day.  While this is not unique to the car industry, the link between network resiliency and driver/passenger safety in every car is a new concept.

• Security

Security is a top priority for every organization, however car manufacturers face a unique risk factor.  While most organizations think of security dangers as lost productivity or revenue, losing control of your vehicle can mean losing your life.  Even a single incident ending in a death of the driver or passenger can severely damage the manufacturer’s reputation.  Safety recalls associated with cyber-attacks would likely be substantially more consequential than any other service-related recall.

• Flexibility and cloud-based future

Like most major organizations, car manufacturers are heading to a cloud-based future.  However, that transition is gradual, meaning their on-premises infrastructure will coexist with their cloud infrastructure for a quite some time, and that still needs to be handled. That’s why car manufacturers, when discussing security, demand a holistic approach to securing on-premises and cloud native applications and infrastructure.   The scale of connected car ecosystem can lead to petabytes of data being collected, which not only creates complex operations but also makes securing the infrastructure through safety-related policies and processes a lot more complex.

Our approach to connected cars and the security imperative

While the majority of existing security solutions focus on end-points or firewalls, Infoblox focuses on securing the DNS-core infrastructure.  While traditional in-depth protection methods are still valid, our customers have come to realize that DNS has become a favorite target for hackers due to lack of attention.  This is why our mission is to secure the DNS.

Based on our experience, here are four considerations for car manufacturers thinking of implementing connected cars into their lineup.

• Think from the network core

It is extremely important you integrate core network services to be able to maintain necessary agility that is demanded by the connected world.  Customers have to be provided with straightforward information on what devices they are using, where they are, how to monitor and how to communicate with them.  Moreover, car manufacturers will need to take advantage of network intelligence offered by modern network services, such as risk and device criticality assessment, use history, and where they are on the network.

• Think holistically

In an effort to become technology leaders – usher in the cloud era –, automakers simply cannot afford to implement an obscure security strategy for a connected cars ecosystem by adopting a security strategy that focuses on one of the available cloud solutions.  Their security strategy needs to have a holistic approach and cover both on-premises and cloud infrastructure (public, private, and hybrid).

• Be proactive.  Don’t wait for attacks

Even though this sounds very logical, remember all the IT projects that need to get done.  It’s quite easy to get lost between the multitude of projects that may not be focused on holistic security.  But it is imperative to close all gaps and blind spots – DNS being one of them.

More attentive car manufacturers employ proactive strategies and invest in DNS security to detect malware early, block advanced zero-day DNS threats that other traditional IT systems can’t detect and share intelligence with existing security systems for faster and more efficient threat response.

DNS security helps you comply with GDPR – new EU data protection regulation which came into effect in May of this year. GDPR stipulates that organizations have to report a data breach no later than 72 hours after becoming aware of it. In this case, it is much better to implement preventive measures to stop potential data breaches.

• Deploy only best global solutions

While each car manufacturer’s connected cars ecosystem may be large and contain a lot of data, when looking at the security aspect – the more the merrier.  Manufacturers need a platform that provides aggregated, precise and accurate real-time threat feeds that can help detect and contain malicious attacks proactively.

As a leader in DNS security, Infoblox is especially interested in talking to everyone and helping them secure their DNS infrastructure.  Infoblox ActiveTrust® Suite provides a holistic approach to DNS security by covering on-premises and cloud infrastructures and helping organizations to become leaders in the new cloud era.