Blog

Cyber Security is Front and Center As Connected Cars Become More Commonplace

With more vehicles with connected features on the roads every day, cyber security has never been more important to drivers. Learn how to protect your connected car from hackers and other criminals in the digital age.  

Connected Cars

It’s no secret that cars are becoming smarter. In fact, by 2025, more than 250 million cars with connected features will travel roads all across the globe. As technology continues to improve and our automobiles become extensions of our technology-fueled lives, cyber security has officially taken to the roads.

Connected features, such as 4G LTE, Bluetooth and other can’t-live-without technologies are now standard on many vehicles. Sooner than later, seamless integration with smartphones, smart watches, smart houses and smart cities will change the way we use and interact with vehicles permanently. And while all these technological improvements are intended to make our lives better, every electronic touch point poses a potential danger that should not be overlooked. The last thing we want is to look back in time at this point in history and ask ourselves, “What were we thinking?”

As technology advances and more features become available, it is apparent that car manufacturers are equipping vehicles with connected technology faster than they can protect them – and you – from cyber threats.

At InfiNet Solutions, the leading managed IT services firm in Omaha, we want to ensure that our customers understand the dangers associated with connected features, especially when it comes to their automobiles, which can be prime targets for hackers.

How to Protect Our Cars Against Cyber Treats

Last year, the U.S. Government Accountability Office (GAO) released a report suggesting the U.S. Department of Transportation (DOT) needs to play a role in regulating connected vehicles. The study, which said a large number of vehicles were susceptible to hackers, was a warning sign for many.

The scariest thing was that proximity to the vehicle is not a deterrent for hackers. That was never more obvious than when two white hat hackers in Pittsburgh remotely hacked into a Jeep Grand Cherokee 600 miles away in St. Louis via the SUV’s infotainment system. Or when a Chinese security firm successfully hacked into a Tesla, unmasking multiple security flaws. Before the Jeep hack made international headlines, researchers at the University of Washington and the University of California, San Diego, successfully hacked a sedan and remotely took control of its brakes via Bluetooth.

So what are we to do? Here are three ways to protect your connected vehicle from hackers:

  • Do Your Research: Ultimately, protecting your connected car against cyber attacks starts with the manufacturer. Automakers, such as GM, Toyota, and Tesla, are hiring cyber security experts to ensure their vehicles are safe. For example, Tesla and Chrysler have both offered rewards (bug bounties) to hackers who are able to infiltrate their systems. GM also has a program rewarding hackers who break in, but critics say it’s not nearly as robust as Tesla or Chrysler’s. After all, Chrysler, which owns Jeep, has more incentive as it was forced to recall 1.4 million Grand Cherokees due to the above-mentioned hack. Since then, manufacturers have realized the benefits of keeping internal systems, such as the radio and brakes, separate.
  • Over The Air Updates: New holes in cyber security are discovered every day. The best way to keep any connected device – including your car – safe from cyber threats is to ensure routinely that all software is up to date. However, no one wants to bring their vehicle into the dealership on a regular basis for software updates. Enter OTA, or over the air updates. Tesla and BMW, for example, push automatic OTA security updates to vehicles if driver settings allow, similar to automatic updates to your smartphone or personal computer. OTA updates are an excellent way to provide drivers with peace of mind knowing the software in the vehicle works without complication.
  • Use a Trusted Mechanic: The easiest way for someone to gain full control over your vehicle is through the car’s onboard diagnostic port (OBD-II) connector. Through this computer port, authorized technicians can access and run diagnostics on every inch of your connected car. This is the main way mechanics determine what is wrong with your car. This access, in the wrong hands, can be dangerous. The same can be said for USB ports, which are usually connected to multiple systems, including Bluetooth, Wi-Fi, cellular communications and infotainment systems.

Even with all these mechanisms in place, there is little we can do to stop hackers from continually trying to infiltrate our lives. To give you a sense of what we’re dealing with on modern cars, the 2010 Chevy Volt contained approximately 10 million lines of code – that’s more than an F-35 fighter jet. Today, cars contain 100 million lines of code on average and many predict that will hit 200 million in no time. Considering the fact that every line of code has potential defects, security issues begin to pile up.

Addressing Cyber Security Head On

With automakers partnering with third-party resources – hackers and cyber security firms – the race to protect the automobile from cyber threats is at full speed. While many carmakers were hesitant at first to let hackers into their systems, they quickly realized the benefits and now openly encourage participation.

That is mostly because cyber security has become a safety issue for the modern automobile. With connected cars, we are not just talking about theft of data; we are talking about potential life-threatening issues if a hacker were to gain access nefariously to a vehicle.

Until automakers work to transform themselves into software companies and address the vulnerabilities head on, cybersecurity will remain a huge problem for the connected car. That is why we are here to help. For more information on how InfiNet Solutions can help secure your connected car against cyber attacks, email us at [email protected] or call (402) 895--5777.

Cyber Security is Front and Center As Connected Cars Become More Commonplace Read More »

Microsoft Teams Tips and Tricks

Microsoft Teams is a chat-based work hub destined to change the way you communicate with team members. Follow these tips and tricks to make the most of your Office 365 experience.

Microsoft Teams

The goal of Office 365 developers is not only to make better productivity applications, but they also want to allow for a more collaborative experience among users. To achieve this goal, they have developed a new application for their suite of products called Microsoft Teams. The driving force behind Teams is to get everyone working together in the most efficient way possible.

Microsoft Teams Overview

With Microsoft Teams, users have a digital hub for all their most important workplace applications. The service comes with Office 365 and the new chat element allows for easy collaboration for team projects. Teams was created as a competitor to the very popular service Slack. With Teams, real-time messaging with application integration makes the service a must have on any compatible device. Unlike Slack, Teams uses threaded conversations in order to avoid the confusion of searching through too many messages on your screen. As long as you’re an enterprise-level Office 365 subscriber, the application is completely free. It’s very important to have a business-level Office 365 subscription. Otherwise, Teams is unavailable on single subscriptions.

Tips and Tricks of Microsoft Teams

Toggle between private chat and team chat. You are in control of who sees your messages. Write to the entire team or send an individual message from the application. You can schedule and create as many group chat sessions as you like. All chat history is saved to help you go back and review previous messages. This is helpful if you need to locate a shared URL, image, or attachment. With messaging taking place in the cloud, you never have to worry about any information exchanged within the program being lost.

Give access to all of the tools your team needs to success. Microsoft Teams is more than just a chat room. Microsoft has enabled all of their most popular applications to be shared within Teams. Your team will be able to exchange information via OneNote, SharePoint, and Skype for Business.

Using Microsoft Teams can be overwhelming at first. The interface is fairly simple to figure out, but Microsoft offers plenty of tools to help navigate the interface. Within Teams is a new assistive feature referred to as “bots.” These bots are ready to answer any questions you pose to them. For instance, a “Whobot” will help you find team members based on their skill set or previous work assignments. Bots are expected to pop up from top companies such as Trello and SAP. These bots will help you better organize your current and future projects.

Calendar integration is another feature you should be using within Teams. All team members can schedule meetings within the application including the addition of recurring events. There is also a free and busy calendar option to let others know your current and future availability.

Although chat is a quick and easy form of communicating among teams, you may also choose to go live in real-time. With Skype for Business, you can begin a live video chat session in high-definition with premium sound.

Bring Microsoft Teams with you wherever you go. The application works on all computers running Windows 10, but also can run on iOS devices. Android and Windows phones and tablets can also run Microsoft Teams. Accessibility is very important to Microsoft developers and this is why options include keyboard only navigation, higher contrast resolution, and support for screen readers.

The most important feature is the high level of security offered with the Microsoft Teams framework. Teams abide by all global security practices and standards to keep your data confidential within the cloud.

Don’t miss out on this exciting new rollout from Microsoft 365.

Microsoft Teams Tips and Tricks Read More »

Driverless Cars– Utopian Dream or Dystopian Nightmare?

For many people, the vision of a world of driverless cars represents a commuter’s utopia, and for good reason. Commuting is costly, not only in terms of time and money but in terms of stress-related illnesses. Despite the fact that people have adapted to hurtling through space at 70 miles per hour while avoiding a potentially deadly crash, traffic is anything but relaxing. Just the idea of a car expertly programmed to detect and respond instantly to hazardous road conditions and the erratic behavior of all those other drivers is enough to lower a commuter’s blood pressure considerably. (Our own driving is, of course, always impeccable.) Driverless cars could also make it possible for people to give one another the increasingly rare gift of their undivided attention while traveling.

Skype For Business Choices

Any dream of utopia contains within it the potential for the creation of a nightmarish dystopia, and a world of driverless cars is no exception. The number of deaths and injuries resulting from crashes caused by human error could be greatly reduced. However, the number of deaths and injuries caused by deliberate human actions, such as hacking the computer systems of driverless cars, could increase. It isn’t hard to imagine the horror of a driverless car being hijacked and used to drive into a crowded building or cause a multi-car pile-up on a busy interstate highway. One article describes an experiment in which hackers demonstrated, under controlled conditions, how just such a scenario would be possible.

Security Vulnerabilities

IT experts are the first line of defense of our collective vision of a driverless utopia. Recently, the Cloud Security Alliance published a detailed report identifying 20 potential cyber-security threats to connected vehicle systems, including driverless cars. Many of those threats are vulnerabilities caused by the very things that have helped make commutes if not more enjoyable, at least more bearable. Those potential security loopholes include onboard diagnostic ports used for vehicle maintenance, USB ports, Wi-fi, Bluetooth, and entertainment devices that utilize internet connectivity.

Electronic vehicles depend on a CAN (Controller Area Network) message bus that allows communication between devices. The CAN bus was designed as a closed network without security features. According to the report, “An unauthorized party that gains access to the bus can block legitimate messages and transmit illegitimate ones.” Keyless entry systems and the Amazon Echo, which can start a vehicle remotely, also present potential security concerns. That’s why the group recommends that separate CAN buses be used for critical safety features such as braking and lane detection systems.

Precautionary Measures

Brian Russell, the chairman of the alliance’s IoT Working Group, stresses the importance of developing operational designs that “incorporate security throughout the development”. He also recommends using the Department of Transportation’s Connected Vehicle Reference Implementation Architecture as a design guide. Its protocols apply security measures to the enterprise, functional, physical and communications elements of connected driverless systems. Vehicles communicate with one another using both established infrastructure and a DSRC (Dedicated Short Range Communication). The DSRC assigns each message a digital certificate which prevents tampering. To keep out intruders, third party devices should only access a vehicle’s Bluetooth system using the mutual recognition and authentication of Bluetooth Low Energy.

In addition to high-tech security measures being designed and implemented, societies will require a whole new set of laws to successfully integrate driverless technology. That doesn’t just include traffic and insurance laws, but privacy laws. The amount of personal information collected by driverless technology is rivaled only by the amount collected by Facebook. Like Facebook, those who wish to utilize driverless technology may have to sign agreements too lengthy and complicated to read and understand without the expert assistance of a legal professional. In 2015, a class-action lawsuit was filed against Toyota Motor Corp., Ford Motor Co., and General Motors LLC, alleging fraud, false advertising, and violations of consumer protection laws. While the district court dismissed the complaint, the Electronic Privacy Information Center (EPIC) has filed a brief requesting that the dismissal is reversed.

It Takes a Global IT Village

Creating a commuter’s utopia in which drivers can enjoy all the benefits of driverless technology is an achievable goal. With the right security measures, it will become possible for elderly to retain their travel independence and for the young to increase theirs. Parents will be able to spend less time chauffeuring and more time parenting. Workers will be able to spend less energy commuting and more time and energy to enjoy the fruits of their labors. The phrases “fighting traffic” and “road rage” will disappear from our daily lexicon, making room for more interesting, and pleasant, topics of conversation.

IT professionals worldwide are working overtime to make a world of driverless cars a dream come true. The internet has revealed the degree to which we are all interconnected. That connectivity has the potential to significantly improve the quality of our lives. It also has the potential to expose us to greater danger. That’s why programmers and app developers, whether employed by a private enterprise or governmental organizations, must work together to prevent that dream from becoming a nightmare.

Driverless Cars– Utopian Dream or Dystopian Nightmare? Read More »

From Telegraphs to USENET and How to Protect Yourself from Spam

When someone thinks of spam they typically think of unsolicited bulk commercial email they receive in their inbox. However, the concept of spam started a little earlier than you might think. How far back? How does 1864 sound? Spam in 1864 you say? Yes, in the form of a telegraph, advertising a local dentistry actually. The Telegraph was so much news that the local paper even reprinted the telegraph that was sent to many households, further propagating the message.

Spam Messages

More recently, people consider the first spam email coming out of Digital Equipment in 1978 which went to a total of 393 people promoting their latest computer model. You can thank a Monty Python sketch based on a cafe that only served the canned spiced ham SPAM for the origin of the name. Another early spammer was the lawyers Canter and Siegel posting their “Green Card Lottery” message to USENET, a shared messaging system.

What does all this have to do with today? You don’t want to be known as a spammer. There are three ways to attack the spam problem. First off, you don’t want your marketing emails to be classified as spam. Secondly, you don’t want your mail server to be abused where someone sends spam through your hardware. While this wasn’t sent to you directly, your hardware could be blacklisted, thus affecting your own emails. Lastly, you don’t want your employees to respond to spam. There are ways to filter this at the mail server to prevent them from seeing the messages, or at least classify messages as fishy before their opened. Our company InfiNet Solutions can help you to protect your business from being labeled a bad apple in the email business.

Starting with the most important avenue, ensuring your marketing messages get through, there are some best practices to know about. For starters, don’t just send emails directly to your clients. Putting everyone’s email in the “To:” field of a message is bound to cause problems when someone does a reply-all. If you absolutely have to send a message to LOTS of people, it is better to use the BCC (for blind carbon copy) field of a message. Better yet, rely on a mailing list management package like that offered by Constant Contact. Typically, you don’t want to add people to the mailing list yourself. Instead, people should opt-in. More importantly, with each message you send, there should be unsubscribed instructions.

Protecting your mail server is not an easy task. There are some simple steps you can do like requiring that users are authenticated before sending a message, but someone can just spoof the email headers to make it appear messages came through your server. To best protect your server, in 2012 DMARC, or Domain-based Message Authentication, Reporting, and Conformance was introduced. Combined with the earlier introduced SPF, Sender Policy Framework, this makes sure that any messages appearing to come from your mail server actually came from your mail server. InfiNet Solutions can help you keep up with the latest ways to protect your email servers and thus getting your marketing messages through.

Lastly, it is important to look at the inbound side of spam. With all the talk of Russians hacking servers and the release of inappropriate celebrity photos, most of these attempts are triggered by phishing attacks of targets. You still need to worry about viruses being sent through email, but phishing involves fraudsters sending what look like real emails in the attempt to reveal personal information like passwords and bank account info. You don’t want your employees giving away the farm so that others can then get into your company network or your employees worried about identity theft. InfiNet Solutions can help protect your mail servers from letting these unsolicited emails through.

Contact us at [email protected] or (402) 895--5777 to learn more about how we can help you.

From Telegraphs to USENET and How to Protect Yourself from Spam Read More »

Wisdom Wednesday: Taking and Printing Screenshots on Windows 10

Need a fast Windows screenshot? We’ll show you how to do it!

Do you need to take a quick Windows screenshot for work or fun, but can’t figure out how to do it? Don’t worry: Our guide will show you just how it’s done.

Windows 10 Screen Shots

Copy the Screen for Posts

Traditionally, the “Print Screen” option is the quickest way to take an easy screenshot that you can use later on as desired. The only problem here is that these days Print Screen looks a little different based on what type of keyboard you may have. These steps may not all be available on some keyboards, especially more compact keyboards or non-Windows keyboards.

First, look at the top rows of buttons on your keyboard. Look for a button that says “PrtScn” or “Print Scr” or any other abbreviation (it may also be lurking around the Ctrl key, there are several places that they appear. If there’s a dedicated key, all you have to press it. This will instantly copy a snapshot of the screen. You can then go into any document and paste the screenshot wherever space is available.

Note that sometimes this feature is on a dual-purpose key, and you may have to access it by pressing the Ctrl or Fn key at the same time.

Automatically Save Screenshot as File

Let’s say that you don’t want to just copy a screenshot for pasting, but that you actually want to save a screenshot as its own photo file. In that case, you may need a combination of buttons. If your keyboard has both a Print Screen button and a Windows logo key, you can press them both at the same time: This will usually take a screenshot and then automatically save it as a separate file, typically in the desktop or its own screenshots folder.

Of course, it’s not always that simple. If you have a Windows key, an Fn key, and a Ctrl key, you may need to push some combination of these keys along with the Print Screen key to create an automatic save. A little bit of experimentation may be in order, but if you’re using a built-in keyboard (like on a laptop) then you can probably look up the best method.

Choose a Single Window as a Screenshot

This is a common case in many of today’s larger screens, where you have several windows open at the same time but only want to take a screenshot of one window, not the whole screen. There’s a way to do this, too: Click on the window you want to copy so that it’s highlight. Then press the Print Screen key and the Alt key at the same time. If your keyboard has an Fn key, you have to press Print Screen, Alt, and Fn at the same time to get this to work.

“Snipping” Screenshots

Windows also lets you select a particular area of the screen through a dedicated screenshot tool called the Snipping Tool. It’s not as fast as other methods, but it is very effective. Just type in “snipping tool” into your Windows search box and it will bring up the right link to select. This opens up a small bar that allows you to create a “New” screenshot and change the shape of the shot. You can then drag your mouse to create whatever size you need.

Looking for more information on how to use Windows 10? Remember to take a look at InfiNet Solutions’s Wisdom Wednesday series for continued advice. If our Omaha readers have any further questions or need help figuring out a problem, contact InfiNet Solutions at (402) 895--5777 and [email protected].

Wisdom Wednesday: Taking and Printing Screenshots on Windows 10 Read More »

Call Now Button