|
the details of such enhancements are something we will not discuss by noteworthy at 7:31 am EST, Feb 4, 2015 |
BMW spokesperson: Like all electronic and cyber attacks on a vehicle, whatever form they may take, BMW continuously assesses its level of car security and enhances the level of defence where possible. For obvious security reasons the details of such enhancements are something we will not discuss, suffice to say the issue has been fixed.
Douglas Bonderud: Patching and secure code development [once] offered a potential solution to advanced threats, but the sheer number of zero-day exploits and software vulnerabilities makes it nearly impossible for enterprises to fully protect their assets. Protection in the form of patches requires constant updating and does no good against zero-day threats that have no immediate fix. Meanwhile, secure coding practices hold promise, but despite widespread adoption several years ago, the number of reported software vulnerabilities continues to rise: There was a 26 percent increase in 2012, the largest increase in five years.
Richard Bejtlich: We're making progress, but intruders still spend about seven months inside a victim's network before anyone notices.
Decius: Noticing is easier in a foreign place because mundane things are unusual. It's the sameness of the familiar that closes minds.
|
|
|