Cyber Attack Takes Place Mostly Via Car Data Inputs: Ryan Ko

How Does Car Hacking Take Place And How To Track That?

Ko told us how they avoid cyber attack in Queensland. He wrote, "Technical demonstrations by private cybersecurity companies have shown that most of the attacks take place via data inputs to the car, usually via Bluetooth through the audio device, Internet connections or directly to the CanBus of the vehicle. To my best knowledge, there is currently no known effective way to track that within the car. This is why my team at the University of Queensland are currently researching techniques to detect cyber intrusions to the car."

How To Trust Cloud Servers? How Vulnerable They Are?

Cloud servers are one of the most vulnerable data if the privacy is not strong, most of the users still prefer not to use cloud servers to save their important files and documents on this question Ko says, "Most security professionals assume what is known as ‘zero-trust', as there are too many vulnerabilities and attack vectors on devices. Cloud servers, especially those on the public cloud, are not only susceptible to technical attacks but also could be exploited by the very system administrators working for the cloud service providers we entrust our data in. There is a need to know what happens behind the scene, and that is a research area known as cloud data provenance, which I have been studying for close to ten years"

What's Your View On NFC Transaction? How Vulnerable They Are?

Recently most of the banks in India have introduced NFC payment option on their credit and debit cards. This feature will not require any pin to get through the transaction beyond a limit. The concern about the NFC transactions are very high, and on this question, Ko suggested, "NFC transactions are common and enabled on most smart devices nowadays. Their vulnerabilities are almost the same as other wireless protocols and are susceptible to most of the same types of attacks, such as relay attacks or man-in-the-middle attacks. Payment related NFC is usually subject to very strict compliance, certifications and guidelines."

We also asked him about the vulnerability of UPI services, but as he doesn't know much about Indian UPI services. He chose not to comment on this topic.

How To Avoid Phishing Emails?

You might have received a whole lot of emails daily seeking your attention that you won $1 million, a trip to Miami, home loans, jackpots, and more. However, we know that these are phishing emails and its better not to click on them. To avoid phishing emails, he suggested that email providers have a really big role. According to him, the email provider needs to deploy automated spam and phishing email filters in their servers, so that users do not get trapped in phishing emails.

"That said, some will still go through undetected by the filters, and it is important for users to be careful not to click on links embedded within emails, especially those which would like to evoke a psychological reaction or impulse after you read it," he added.

Phishing emails could be an email which was seemingly sent by your bank or your telco provider informing you about a large unpaid bill. After you click on the malicious link, the link will send you to the fake website which will download malware into your computers, and possibly ask you to key in your username and passwords. Once you enter the username and password you're trapped.