Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

GRIMM Opens Security Research Lab for ICS, Connected Vehicles

Cybersecurity research and engineering firm GRIMM has opened a new Grand Rapids, MI-based cybersecurity research lab. GRIMM provides security consulting, engineering and research services, including vulnerability research/testing and security training, to both government agencies and private sector enterprises. 

Cybersecurity research and engineering firm GRIMM has opened a new Grand Rapids, MI-based cybersecurity research lab. GRIMM provides security consulting, engineering and research services, including vulnerability research/testing and security training, to both government agencies and private sector enterprises. 

The new lab will enable the company to work closely on cybersecurity initiatives within the advanced manufacturing, aerospace, automobility and defense industries based in the region; and in particular it is designed to engage with companies in the automotive and aviation industries, including OEMs. It will major on the embedded (IoT) devices integral to the industrial control systems of these industries. 

“Practically every new vehicle has connected or autonomous components and smart city technologies are being deployed into urban infrastructure on a regular basis. The realities of the Internet of Everything means that distributed systems, from industrial control systems to aerospace manufacturing operations and everything in between, must have security measures embedded or run the risk of exposing countless enterprises, systems and users to vulnerabilities,” said Brian DeMuth, GRIMM CEO. “GRIMM’s Michigan lab will enable our team of researchers and security experts to become more deeply embedded into the critical industries — automobility, aerospace, defense and manufacturing — that support these advanced technologies.”

Learn More at SecurityWeek’s ICS Cyber Security Conference

Connected cars are a case in point. “By 2020, there will be a quarter billion connected vehicles on the road, enabling new in-vehicle services and automated driving capabilities, according to Gartner, Inc. During the next five years, the proportion of new vehicles equipped with this capability will increase dramatically, making connected cars a major element of the Internet of Things (IoT).” (Gartner) By 2020, one in five vehicles on the road worldwide will have some form of wireless network connection.

But the rush to connectivity is introducing serious security concerns. GRIMM’s new cybersecurity research facility will focus on embedded systems engineering to support its current car hacking initiatives and cyber research in the automobility and aerospace sectors. In the last month automobile vulnerabilities have included a bug in a misconfigured server run by Calamp that would allow attackers to track the vehicle’s locations, steal user information, and even cut the engine. 

Earlier this month it was announced that some Volkswagen vehicles could be remotely hacked by an undisclosed vulnerability that would enable attackers to control the on-board microphone to listen in on the driver and passengers, access the system’s address book and history while introducing the possibility of tracking the car via its navigation system.

Just yesterday, it was announced that Chinese researchers from Keen Security Lab had discovered more than a dozen locally and remotely exploitable flaws in certain BMW cars.

“Yesterday’s disclosure that a number of BMW vehicles are susceptible to a range of cyber vulnerabilities highlights that as we continue to add more connected and autonomous capabilities into vehicles, the surface area to secure becomes exponentially larger,” Bryson Bort, GRIMM chairman and founder told SecurityWeek. “This is precisely why GRIMM is announcing the opening of its dedicated cybersecurity lab in Michigan where it will work closely on initiatives within the advanced manufacturing, auto and defense industries based in the region. It will enable GRIMM to work more closely with original equipment manufacturers, suppliers, and other stakeholders in the automobility sector and beyond to improve the holistic security of automotive, aviation, and industrial control systems to address the challenges of cybersecurity in these fields.”

Related: How Connected Cars are Driving Greater Security Concerns 

Related: FBI Reminds That Cars are Increasingly Vulnerable to Remote Exploits 

Related: Hackers Can Get Into Most ‘Connected Cars’: Study 

Written By

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

ICS/OT

Vulnerabilities in GE’s Proficy Historian product could be exploited for espionage and to cause damage and disruption in industrial environments.

ICS/OT

A hacktivist group has made bold claims regarding an attack on an ICS device, but industry professionals have questioned their claims.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

ICS/OT

Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.

ICS/OT

Researchers have demonstrated that threat actors could obtain global private keys that protect some of Siemens’ industrial devices, and the vendor says it cannot...

ICS/OT

Schneider Electric in recent months released patches for its EcoStruxure platform and some Modicon programmable logic controllers (PLCs) to address a critical vulnerability that...