Public Relations

Asgent's Connected Car Security Partner Karamba Announces that Autonomous Vehicles and Connected Cars are Receiving 300,000 Attacks per Month

January 15, 2019
Asgent, Inc.
(JASDAQ: 4288)

  Karamba Security (CEO & Co-founder: Ami Dotan, located in Israel), the connected car security partner of Asgent, Inc. (JASDAQ: 4288, President & CEO: Takahiro Sugimoto, located in Chuo-ku, Tokyo), a pioneer in providing network security, announces that based on data gathered by the connected car ECU vulnerability early detection service ThreatHive, autonomous vehicles and connected cars are receiving 300,000 attacks per month.

[ThreatHive Attack Report]
  Karamba's ThreatHive is a service that deploys ECU software in development under the Karamba supervisor system in multiple locations worldwide, and detects ECU software vulnerabilities using real-world hacking attempts by actual hackers. Because security tests can be performed over a long period of time during the test phase in the ECU software development process, OEM and Tier1 providers can gain actionable analysis information to fix security bugs and logical errors. According to data collected by Karamba, connected car ECUs made public on the internet under ThreatHive were attacked on average of 300,000 times per month by 3,500 attackers in the last three months alone. Attackers appear in various forms, and some of them are bots created to search out vulnerabilities in the ECU that controls connected systems.
  Karamba CEO & Co-founder Ami Dotan made the following comment. "As autonomous vehicles and connected cars become software driven, risks increase that hackers will find ways to take control of the vehicle by compromising ECUs. The automotive industry needs to take preventative measures and leverage technologies like ThreatHive that expose vulnerabilities for OEMS and tier 1s to address during the production stage, before the hackers identify and exploit such vulnerabilities in the car itself."
  Since Karamba ThreatHive began collecting data, it has been uncovered that 11 different types of attack were being performed. The ECUs made public by ThreatHive are being attacked by hackers for the purpose of malicious use of the services in the ECU. Among those were found the Telnet port attack that a white-hat hacker used to access a Volkswagen vehicle in April 2018, the SSH attack used on Subaru in 2018, and the HTTP attack on Tesla in 2017.

[Automotive World]
  Asgent and Karamba will display various connected car security solutions including ThreatHive at Automotive World (https://www.automotiveworld.jp/) to be held at Tokyo Big Sight convention center from January 16, 2019.
Event period: January 16-18, 2019
Location: Tokyo Big Sight convention center
Exhibition Booth: East 8 Gall No.E61-18
Displayed Products:
A hacking demo using an RC car shown at CES2019 will be performed. Also, the following solutions will be displayed.
Carwall (ECU security)
Awarded the TU-Automotive Best Cybersecurity Product award two years running! By implementing security into the ECU itself in the manufacturing process of the device, it is possible to defend against hacking while avoiding false positives that are want to occur in other security products.
SafeCAN (In-vehicle network authentication)
This performs authentication on in-vehicle transmissions to protect the automobile from physical hacking and illegal communication from unpermitted ECUs.
ThreatHive (Early detection vulnerability service)
Enables deployment of in-development ECU software and collection of attack information from Karamba cloud virtual machines located worldwide. By analyzing the collected information, it is possible to gain vulnerability information before general tests are performed.

[Karamba]
  Karamba Security provides industry-leading automotive cybersecurity solutions for autonomous and connected cars. Carwall and SafeCAN, products for Autonomous IoT security products prevent cyber-attacks with no false positives, authenticate communications including OTA updates, and provide end-to-end in-vehicle security with no overhead. It's merits include no connectivity and no updates, along with minimal performance impact. Karamba is engaged with 17 OEM and Tier1 customers in just two years following its inception. The company was recognized with TU-Automotive's Best Cybersecurity Product/Service award and the Best Cybersecurity Product/Service award from North American Frost & Sullivan in 2017, and in May 2018 was recognized as a Cool Vendor by Gartner in IoT security, as well as receiving the Best Cybersecurity Product award from TU-Automotive in June two years running. https://www.karambasecurity.com/

*Company and product names are the trademarks or registered trademark of the respective companies.