December 28, 2017
Mandated Electronic Logging Devices Raise Truck Hacking Concerns – United States
ELDs plug into a truck's on-board diagnostic (OBD) port that's connected to the truck's internal communications network, which can control such things as a truck's speed, instrument panel and braking. Simpson's concerns aren't completely off base, according to Sam Lauzon, a senior engineer in research at the University of Michigan Transportation Research Institute's Cybersecurity Department. "Your assessment on ELDs is, unfortunately, moderately accurate," Lauzon wrote an email exchange with Simpson and the Times Free Press. Not just tractor trucks, but all U.S. heavy vehicles, including concrete mixers, school buses and garbage trucks, have the same internal communications network, called the J1939 "vehicle bus," which was standardized so different manufacturers could sell their integrated systems and parts. It's not resistant to attack, Lauzon wrote, since it was designed for real-time, safety-critical data such as triggering the brakes when the brake pedal gets pushed. Transportation and cybersecurity researchers at the University of Michigan have used laptop computers plugged into a semi truck's OBD port to control all the gauges on a truck's instrument panel, disable the engine brake, and change a truck's speed — while overriding the driver's actions.
FBI’s Fingerprint Analysis Software May Contain Russian Code – United States
French whistleblowers have gone public with explosive claims that could trigger a wholesale review of how American law enforcement agencies collaborate with other agencies around the world — at least, as far as software procurement is concerned. The two whistleblowers claim that their former employer knowingly sold the Federal Bureau of Investigation a fingerprint analysis software package that it knew contained code developed by Papillon Systems, a Russian firm with close ties to the Kremlin. They also claim that this information was deliberately not-disclosed to the FBI.
Senate Bill Would Extend Authorities of Counterterrorism Advisory Board for Four Years – United States
Authorities of the Counterterrorism Advisory Board (CTAB), which coordinates the Department of Homeland Security’s (DHS) various intelligence, operational and policy-making functions, would be extended for four years under bipartisan legislation introduced in the Senate last week. U.S. Sens. Marco Rubio (R-FL), Maggie Hassan (D-NH) and Claire McCaskill (D-MO) introduced the Counterterrorism Advisory Board Advisory Act to codify CTAB’s authorities for another four years. “The Counterterrorism Advisory Board (CTAB) is an important component of the Department of Homeland Security’s work in preventing terrorist attacks by identifying and reducing security threats and vulnerabilities,” Rubio said. “This bill will ensure that the CTAB facilitates a cohesive operational strategy so that DHS components and their partners are best enabled to detect, deter and disrupt terrorist operations.” Passage of the bill, Hassan said, would ensure that the full resources of the federal government are coordinated to prevent terrorist attacks on the homeland.
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!