"What the Automotive Industry Needs to Learn from Nissan's Cybersecurity Error"
Nissan North America source code was leaked online because of the misconfiguration of a company Git server left exposed with default credentials. The Git repository contained the source code of Nissan NA Mobile apps, Dealer Business Systems, client acquisition and retention tools, market research tools, the Nissan ASIST diagnostics tool, internal core mobile library, vehicle logistics portal, and more. According to Tillie Kottmann, the Swiss IT consultant and developer who discovered the code, this data has been offered on torrent links and Telegram groups. Nissan's data breach is one of many cybersecurity incidents faced by automakers. Carmakers have to find a balance between security and convenience. A study released by Upstream Security found that cyber hacks might cost the auto industry $24 billion within five years. Another study by Ponemon revealed that almost 30% of companies in the automotive segment do not have a cybersecurity team in place. Many automotive companies do not even work with third-party vendors to help bolster the security of software in connected cars. This article continues to discuss Nissan's data breach, cybersecurity incidents experienced by other car manufacturers, the lack of consideration for cybersecurity among automakers, and the need for enterprises to consider connected cars as an insider threat.
CISO MAG reports "What the Automotive Industry Needs to Learn from Nissan's Cybersecurity Error"