Comment Re:Jesus, people... (Score 1) 126
I posted this above, but you are assuming they are either a 1 way from the server or sending log files.
I am a controls engineer so deal with this on a daily basis. Controls systems should be separate, there should be some kind of security, but the article doesn't specify. In the last 3 months, I have had 2 vendors show up that should understand security on controls networks but they are trying to sell me valves and instruments for my facility with WiFi built into it. Not only that, but you can actuate equipment and make modifications and in 1 case tunnel into the controls network right through the device.
I would hope GM was smart enough to properly secure this and their vendor sold it with a secure option, but quite often, the vendor is clueless about security options and the local facilities are as well.
IF GM did what they should, this is a non issue. If GM didn't, then this is insane. I have seen too many companies that should know better ignoring cyber security and the auto manufacturers ignore many cyber security issues in their vehicles, what are the odd they didn't get it right in their manufacturing facility?