Industries: IoT

ARTICLE | June 13, 2023

New Research Shows Potential of Electromagnetic Fault Injection Attacks Against Drones

securityweek.com | New research shows the potential of electromagnetic fault injection (EMFI) attacks against unmanned aerial vehicles, with experts showing how drones that don’t have any known vulnerabilities could be hacked.

The research was conducted by IOActive, a company specializing in cybersecurity research and assessments. The security firm previously found vulnerabilities affecting cars, ships, Boeing and other airplanes, industrial control systems, communication protocols, and operating systems.

PRESS RELEASE | August 2, 2022

IOActive Expands Transportation Cybersecurity Business with Addition of Cybersecurity Expert Kevin Harnett

IOActive Engages Kevin Harnett as a Transportation Cybersecurity Account Specialist

Seattle, Wash., August 2, 2022 – IOActive, Inc., the worldwide leader in research-fueled security services, today announced that Kevin Harnett has joined the organization as a Transportation Cybersecurity Account Specialist. Harnett will be focused on expanding IOActive’s existing transportation security practice to help expand it across a wide variety of vertical markets such as: passenger/electric vehicles, commercial/freight trucks, EV charger infrastructure/networks, autonomous vehicle sensors, aviation/avionics, rail, maritime, along with smart cities, agriculture, industrial control systems, etc.

Harnett brings a wealth of cybersecurity and information technology knowledge and experience to IOActive and is renown across the cybersecurity industry for his dedication and commitment to improving the cybersecurity postures of the transportation sector. Kevin worked at the Department of Transportation’s (DOT) Volpe Center in Cambridge, MA for decades in designing and developing IT systems, managing cybersecurity certifications of FAA Air Traffic Control systems, and as a Program Manger supporting leading-edge embedded cybersecurity projects regarding “e-Enabled Aircraft” and “Vehicle Cybersecurity” – focused on automobile telematics and Electronic Logging Devices. Kevin has supported numerous standards committees in aviation and vehicle cybersecurity, such as: the Society of Automotive Engineers (SAE), Radio Technical Commission for Aeronautics (RTCA), International Civil Aviation Organization (ICAO) and European Organization for Civil Aviation Equipment (EUROCAE).

Jennifer Sunshine Steffens, IOActive CEO, notes of the hiring: “Kevin joins IOActive at a critical time as the Transportation Sector is encountering an explosion of targeted cybersecurity threats daily. We welcome his respected reputation in the industry for always “making a difference” with his customers, and are excited to have him continue the expansion of our growing Transportation Cybersecurity business.“

As the need to design and implement cybersecurity and security controls into products and systems gains momentum, the transportation cybersecurity market has become of primary importance to security service providers. Today’s passenger cars and commercial/fleet vehicles are mobile internet-of-things devices on wheels, and IOActive has been on the early cusp of supporting the transportation cybersecurity market providing consulting services in support of original equipment manufacturers (OEMs), suppliers and vendors.

Since 2013, IOActive has distinguished itself in the transportation security sector with original research on local and remote CAN bus attacks, high-level assessments of vehicle network architecture security and analysis of commonalities in vehicle cybersecurity vulnerabilities, and numerous findings impacting the aviation and maritime industries. This original research has been applied in IOActive assessments to help Global 1000 clients navigate their most critical transportation security issues.

About IOActive
IOActive is a trusted partner for Global 1000 enterprises, providing research-fueled security services across all industries. Our cutting-edge security teams provide highly specialized technical and programmatic services including full stack penetration testing, program efficacy assessments, and hardware hacking. IOActive brings a unique attacker’s perspective to every client engagement to maximize security investments and improve client’s overall security posture and business resiliency. Founded in 1998, IOActive is headquartered in Seattle with global operations.