Carmakers struggle to hire hackers, the hottest job in the industryMcConnell Trapp has a special set of skills.
He can hack into cars and control aspects of them from his computer.
Trapp, 39, who has a law degree and speaks Japanese fluently, started hacking cars about 16 years ago. He used a computer, some various vehicle spare parts, a turbocharger and the help of few good friends to increase the 120 horsepower normally found in a 1995 Honda Civic sedan to almost 300 hp.
“It was a lot of trial and error,” said Trapp, who admitted he “blew up a lot of engines.”
Today, Trapp is director of Speed Trapp Consulting in Troy. He works as a legal “techno” consultant. He is one of the good guys who uses his ability to infiltrate car computer systems and uncover potentially dangerous flaws that would make them vulnerable to someone with malicious intentions. But if he were a bad guy, he knows how he could compromise several cars at once. Cars in operation today.
“I'd walk into a dealership. I would see if they have a WiFi router designated for customers and gain access into that first,” he said.
Then, if the dealership's service department server is hooked into the main system, he'd infiltrate the service department's storage database that the technicians use for vehicle diagnostics. From there it's as easy as inserting a “fake” update resembling other files for vehicles and infecting multiple cars there for service.
“Hypothetically, I could make a running engine turn off, or render other aspects of the car either useless, or just make it appear as though the vehicle constantly needs service or recalls when it actually doesn't,” he said. “That's the danger, that's the scary part.”
It's that threat associated with vehicle technology that is driving many auto companies and other industries to increasingly look to hire hackers with ethics like Trapp, called “white hat” researchers. Those hackers can identify cybersecurity flaws and thwart nefarious actions of “black hat” hackers.
But finding white hat hackers to hire is incredibly hard, personnel experts said. First, few people have those skills. Then, they must be vetted to make sure they have both the technological acumen and the moral compass for the job. The need for them is outpacing the thin supply.
Hackers for hireTypically, computer hacking is associated with a person or a group with malevolent intentions. The hacker gains unauthorized access to a computer and a technology dependent system to do harm.
In the 2017 movie, “The Fate of the Furious,” for example, actress Charlize Theron's character hacks into every self-driving car in New York City, takes remote control of them and causes mass chaos and destruction.
Depending on which hacker you talk to, some, such as Trapp, say such a movie scenario is unlikely in real life, especially if a human is still needed to turn on a car. Others say, though, that we are almost to a point where that could happen.
General Motors is leading the way in developing autonomous cars. It has promised to bring them to market in urban areas in a taxi-like platform next year. But the fear of scenarios such as the one in the movie, as well as a desire to keep customers' information protected in regular cars, is ratcheting up the need for the company to hire white hat researchers.
GM launched a new program this summer called Bug Bounty. It took GM years of forming relationships with white hat hackers. GM will now bring those hackers to Detroit and pay them a hefty bounty or cash payment for each “bug” they uncover in any of GM vehicles' computer systems.
Read more:
GM is hiring hackers: Here's why
Car hacking remains a very real threat
Famous car hackers head to GM's self-driving unit
Fiat Chrysler has had a Bug Bounty program in place since 2016. It pays white hat hackers up to $1,500 each time they discover a previously unknown vulnerability in vehicle software.
Last year, GM's self-driving unit, Cruise, hired famous car hackers Charlie Miller and Chris Valasek. The two, dubbed the “Cherokee Brothers” by Trapp and others in the hacking community, gained fame in 2015 when they proved they could remotely stop a Jeep Cherokee.
GM approachGM conducts its cybersecurity using a three-prong approach: It hires third-party companies that employ white hat hackers, it has its own hackers on staff and it has the Bug Bounty program.
GM and Cruise employ 25 to 30 white hat hackers on staff today compared with five to 10 in 2013, said Jeff Massimilla, GM's vice president of Global Cybersecurity. GM has about 450 people dedicated to all other aspects of cybersecurity across the company, he said.
“As we continue to get more connected and into AV, we will want to increase that number of white hat researchers,” said Massimilla.
Massimilla declined to say how much GM is investing to hire cybersecurity personnel, but he said, “It’s an extremely high priority, we’re well funded and well resourced.”
GM relies on its three-prong approach because of the shortage of white hat hackers, he said. Plus, many don't want to work for one company.
“Hacking a Camaro is pretty darn exciting, hacking an autonomous vehicle is pretty darn exciting — but it's tough to attract that talent because they’re just not there or they want to do it through bounty programs where they can work from home and have flexibility,” said Massimilla.
High priceMore than half of employer demand related to connected and self-driving cars is for workers in data management, cybersecurity and information technology, said the 2017 Connected and Automated Vehicles (CAV) Skills Gap Analysis by the Workforce Intelligence Network.
In 2015-16, there were 10,344 total job ads placed for CAV-related employment, and 5,400 of those ads were for jobs in data management and cybersecurity, the report said.
And, as demand rises for such skilled workers, the supply remains flat, thus inflating salaries. The average salary for CAV jobs in 2014-15 was $89,616. In 2015-16 that rose to $94,733, the WIN report said, citing data from Burning Glass Technologies.
There's a gap in demand for cybersecurity personnel, especially white hat hackers, versus the supply cuts across many industries. There also is in health care and insurance, said Bob Zhang, CIO of Strategic Staffing Solutions in Detroit, which works to find contract workers to fill such roles for its clients.
“The supply is really low right now. By 2020, the job gap will be 2 million jobs. That means 2 million unfilled openings in cybersecurity,” Zhang said. “You can’t just teach hacking. It requires a whole lot of knowledge from IT and computer science … you have to be the jack of all trades with a deep interest in systems networking.”
Some organizations offer training courses to verify a hacker as a “certified ethical hacker,” he said.
But most large corporations find it beneficial to hire third parties staffed with white hat hackers for specific projects.
“If I'm an IT manager, do I really want to hand-pick somebody and say, 'I’m going to put all of this multibillion-dollar company in the hands of the people I hire?' Or outsource it to a company that focuses on this type of service? Many do both.”
The gap in cybersecurity job demand versus supply is probably the largest gap in the IT industry's history, Zhang said.
“Once the security world matures and the amount of security providers increase, the demand will even out,” he said.
Creating the next generationSome colleges and universities offer courses in cybersecurity, but expanding that curriculum and recruiting younger people into vocational hacking courses to grow the talent pool can't happen fast enough to meet the soaring demand, said Jennifer Tisdale, director of connected mobility and infrastructure for Grimm.
Grimm is a technology consulting company with a new “car hacking lab” in Sparta, Michigan. It uses white hat researchers for automotive clients as well as other industries.
“We need to hire 20-plus researchers in the next two years,” said Tisdale. “I don't have time to wait for a college to structure a program for cybersecurity.”
College programs might not be the full answer anyway, said Brian Demuth, Grimm's CEO.
“There’s not a degree that should be created to do all of this, but there are things like extended learning that can help,” he said.
Grimm, which has 46 employees scattered across the country, looks for people who have a “fundamental view of computer science” and then trains, teaches and grows them from there, said Demuth.
Demuth, 38, is a hacker himself with a computer science background and a passion for tinkering with cars.
“I was always interested in how things worked. I grew up the son of a Marine, and he was in the intelligence field, so there were always computers and amateur radios around,” said Demuth. “My father was into mechanics and working on vehicles and making them start faster or stop faster. That’s what drove my passion into this.”
The hacker stigmaPart of the difficulty in recruiting hackers lies in the stigma surrounding the pursuit.
Matt Carpenter, 44, is Grimm’s lead researcher dedicated to automotive, aerospace and energy businesses. Carpenter works with four other white hat researchers in Grimm's car hacking lab.
“What I do and my team does is everything that can be done by an attacker,” Carpenter said. “We do this so that we can benefit the community and identify problems before someone with bad motives can do it.”
When asked if he calls himself a hacker, he said, “I like to be called a good guy, but there’s no way to be considered a good guy by everybody and do what I do. There’s a great stigma around being a hacker.”
Many people misunderstand the work white hat hackers do, which Carpenter said is “vital” to secure every car on the road.
“It takes a lot of deep knowledge and deep work,” said Carpenter. “You can’t pull me ..
Category: News Site
Anti-pollution activists stage protest at Volkswagen’s UK headquarters
Air pollution Campaigners and doctors set up ‘sick bays’ to highlight diesel emissions health risks Greenpeace air pollution campaigners and medical professionals have blocked Volkswagen staff from entering the company’s head office in Milton Keynes. Photograph: Chris J Ratcliffe/Greenpeace Doctors and anti-pollution activists have blockaded the UK headquarters of Volkswagen as the campaign to highlight… Continue reading Anti-pollution activists stage protest at Volkswagen’s UK headquarters
Electric cars: the race to replace cobalt
Become an FT Subscriber. Gain access to global coverage from local journalists on the ground in 50+ countries working around the clock to break news, analyze, spot risks and opportunities. Join over 300,000 Finance professionals who already subscribe to the FT. Go to Source
Honda and Panasonic experiment with battery swapping for electric motorcycles
Honda and Panasonic plan to conduct an experiment with battery swapping in Indonesia, using the Honda Mobile Power Pack with electric motorcycles. The project is to begin in December. As the third-largest motorcycle market in the world, Indonesia is dealing with massive air pollution as traffic increases. To address this issue, the Indonesian government has… Continue reading Honda and Panasonic experiment with battery swapping for electric motorcycles
Mich. firm 'out of business in three months' if auto tariffs kick in
Mich. firm 'out of business in three months' if auto tariffs kick inMary Buchzeiger wakes up each day wondering if the Auburn Hills-based auto supplier she's spent years building is on path to earn a billion dollars in annual sales … or spiral into bankruptcy.
Her uncertainty rests on whether President Donald Trump's proposed 25 percent tariff on foreign cars and parts is adopted. If it is, Buchzeiger, 44, will brace for the worst.
“We may have to start all over again and reconfigure the business,” said Buchzeiger, CEO of Lucerne International. “There's going to be some carnage along the way and it's going to be companies like mine that are first to go. We don't have deep pockets.”
Lucerne International sells about $50 million worth of parts it makes each year. It has eight plants in Asia where it fabricates auto parts using steel and aluminum before shipping them back to the U.S. for final production for its various automaker customers, the biggest being Fiat Chrysler.
Lucerne, for example, makes all the hinges on the Jeep Wrangler SUV. That means if Lucerne goes under, FCA may have to find another company to make those hinges, and there aren't very many.
Long-term contracts with its customers block Lucerne from passing its higher raw material costs or tariffs on to them. And Lucerne's profit margins are too thin to absorb the higher costs.
“I can't sell the products for less than what it costs me to produce them, and that's what would happen with the tariffs,” Buchzeiger said. “We'd be out of business in three months.”
Growing up carsLucerne has considered opening a U.S. manufacturing plant to lower its reliance on Asian imports, Buchzeiger said. But those plans are on hold because the company's future is in question, she said.
The postponed plant would have created about 125 full-time jobs, she said, although with the low U.S. unemployment rate there are few skilled trade workers available to hire to ramp up production to fulfill orders.
Buchzeiger is intimately familiar with the complexities of the automotive supply chain. She grew up in Ortonville and her family was deeply rooted in the car business. She started working in it when she was a kid and her father quit his purchasing manager job at General Motors in 1984 to start Lucerne International.
“My parents couldn't afford day care, so I went to work with them over the summers,” Buchzeiger said.
Her parents had a small plant in Pontiac and Buchzeiger said, “I was driving a forklift truck at age 13. I've always been around the business and I've always worked.”
In her 20s, Buchzeiger moved to East Lansing intent on going to Michigan State University. Instead, she started a marketing company there producing menus for bars and restaurants. She graduated from Lawrence Technological University in Southfield in 2000 with a bachelor of science in industrial operations. She went to work for Lucerne, which had about $2 million in annual sales at that time.
After working her way though the company, in 2005, she recognized that Lucerne needed to expand its presence in Asia.
“In 2003, 2004 and 2005 we started to see all our products move offshore, so it was sink or swim,” Buchzeiger said. “It was a good time to open our doors, get on a plane and make some things happen on the other side of the world.”
She bought the company from her father in 2015. It had $12 million in annual sales and had 14 employees at the time.
Going gangbustersOver the past three years, Lucerne's business has been “gangbusters,” Buchzeiger said.
“We were growing significantly. We are at just under $50 million in sales and 46 employees,” Buchzeiger said.
Fourteen of those employees are in Asia and one is in Europe. The company's goal is to hit $1 billion in annual sales in nine years, she said.
That's why it became critical to protest Trump’s first round of tariffs on Chinese products, because 90 percent of Lucerne’s revenue was tied to products that fell under that provision. Namely, the hinges used on the Wrangler, which is assembled in Ohio.
Trump's tariffs on Chinese goods, including autos and parts, under Section 301 of the Trade Act of 1974, are separate from the Commerce Department investigation of whether cars and parts made elsewhere are a threat to national defense and therefor eligible for new tariffs under Section 232.
Read more:
Tariff hearing: Tax would cut U.S. jobs
Automakers: Trump tariffs would cost consumers
“The Jeep Wrangler is half my business. It's $25 million in sales, and that is 25 percent tariff, so it's a huge increase in price,” Buchzeiger said.
Buchzeiger and her leadership team waged a campaign to win an exemption. “I went to Washington and testified,” she said.
It worked; the administration removed Lucerne's product codes from the tariff list.
“That was a small victory,” Buchzeiger said. “The new threat is the rest of the tariffs. The 301 is just China. Now they have another list and pretty much everything else we make in Asia is effected by that.”
Many of her contracts are negotiated for longer terms, so if Lucerne faces rising costs to do business, it cannot charge more for its parts.
“There's no caveat for tariffs. They're watertight. You cannot come in and raise your prices,” Buchzeiger said. “People don't understand the intricacy of the supply chain. We produce those hinges at eight different facilities in China and Taiwan, then they come into Michigan before being shipped to Ohio. The bigger suppliers have deeper pockets and can absorb costs and move things around. The smaller ones can't. It'll be bigger than 2008 when we crash.”
'A holy mess' Buchzeiger did not travel to Washington to testify against the proposed 232 tariffs, but submitted written testimony about the possible impact on Lucerne. She said, “I feel like we're fighting for the entire industry.”
Buchzeiger said Trump's proposed 232 tariffs will make the U.S. automotive industry much less competitive with auto companies around the world.
“It's going to crush our race for autonomous vehicles and for future vehicles,” she said. “We're going to lose.”
Lawyer Catherine Karol at Butzel Long in Detroit said her supplier clients are being hurt by the 301 tariffs already in place. Butzel Long represents more than 3,500 clients globally, about a third of which are in the car business, almost exclusively suppliers, she said.
“It's dire for some of these smaller suppliers,” said Karol. “They are looking at possibly shutting their doors. They're getting choked.”
Ultimately, the increased costs will be passed onto consumers, Karol said.
“Auto parts suppliers are getting hit in all directions: Steel, aluminum … it will just keep growing,” Karol said. “Their heads are spinning. Then when you propose the 232 tariffs on the auto parts … the way the global supply chain is set up, parts go back and forth numerous times no matter where the vehicle is assembled, so that one will be a holy mess in addition to the tariffs already impacting these suppliers.”
GM, Toyota warn of job cuts over auto tariffs
Scrambling for a solutionBuchzeiger said she understands the motive behind the Trump administration proposing the tariffs: Bring manufacturing jobs back to the U.S. That's harder than it sounds, she said. For one thing, when she investigated producing parts here, she could not find an existing plant with the capacity to build the volume of parts she needed.
Already, Lucerne has taken about a 20 percent hit on its parts sales to BMW. That's because China raised the import tax on cars from the U.S. to 40 percent in retaliation for Trump's higher tariffs on Chinese goods.
BMW builds SUVs in Spartanburg, South Carolina, and exports them to 140 countries, including China. BMW has scaled back the number of cars it plans to sell in China now because of the tariff. Therefore, it is ordering fewer parts from Lucerne, she said.
Besides the financial hit, the tariff issue has been an overall distraction to business, Buchzeiger said.
“We've wasted so many resources on dealing with these tariffs and rather than me spending my time running my business and doing what I'm good at, I am spending time in Washington and addressing this issue,” Buchzeiger said. “Other companies have told me they've had to pull (people) off their regular jobs and put teams together to address these tariffs.”
She said a supplier she knows sold one of his divisions because he needed to get out from under the tariffs and change up the company's operations.
“I want to keep growing and bring manufacturing back to the U.S., but we need time,” Buchzeiger said. “I can't even fill my open spots right now because of the low unemployment rate. There is a shortage of skilled trades. I don't have people to put in a plant, so it's a compound issue.”
So Buchzeiger will continue to forge forward and devise a contingency plan in the hopes of securing Lucerne's future. She said before she has to lay off any of her employees, she would first cut back on some of the community programs Lucerne sponsors. And she will continue to lobby Washington.
“It's my duty to stand up and speak out,” Buchzeiger said. “I'm always a glass is half full kind of person, so I know there's a future. The size of it? I'm unsure of and we're looking at what we can do so that we don't have to lay one person off.”
Contact Jamie L. LaReau at 313-222-2149 or jlareau@freepress.com
Read or Share this story: https://on.freep.com/2MuB4Bd
A low-cost Tesla car? Elon Musk talks about tech (without turmoil) on YouTube
[embedded content] On the heels of Elon Musk’s angst-filled, market-moving interview with The New York Times, YouTube techie Marques Brownlee offered up lighter, brighter fare from a one-on-one chat with the Tesla CEO at his electric-car factory in Fremont, Calif. Musk discussed the wonky side of vehicle production and the prospects for building cars in… Continue reading A low-cost Tesla car? Elon Musk talks about tech (without turmoil) on YouTube
Elon Musk says Tesla could build $25,000 EV in about ‘three years’
Mason Trinca for The Washington Post via Getty Images When Elon Musk unveiled Tesla’s second master plan, the $35,000 Model 3 represented the price floor. It wasn’t set in stone, but you couldn’t realistically expect more. However, the dream of a truly affordable Tesla EV just got a little more tangible. When tech YouTuber Marques… Continue reading Elon Musk says Tesla could build $25,000 EV in about ‘three years’
Elon Musk says Tesla could produce $25,000 car in ‘maybe’ 3 years, but cites industry challenges
Yuriko Nakao | Bloomberg | Getty Images
Elon Musk, co-founder and chief executive officer of Tesla
Elon Musk suggested it could take Tesla “maybe” three years to come up with a low-cost version of a car, even as he admitted it was “really tough” to do given the auto sector's economics and competition.
Amid recent turmoil surrounding Musk's stated goal to take Tesla private, the CEO sat for an interview with YouTuber Marques Brownlee to discuss the future of electric cars. Musk explained that Tesla's comparatively smaller scale made it hard to compete against major producers like General Motors or Ford, given their massive scale in an “insanely competitive industry.”
Musk told Brownlee that Tesla was “really focused on making cars more affordable, which is really tough. In order to make cars more affordable, you need high volume and economies of scale,” he said. When asked if Tesla could eventually make a cheaper vehicle with higher quality, Musk responded in the affirmative.
“I think in order for us to get up to…a 25,000 car, that's something we can do,” he said. “But if we work really hard I think maybe we can do that in about 3 years,” Musk added, saying it depended on both time and scale. He compared car making to the early years of the cellphone, which were bulky and lacked functionality.
“With each successive design iteration, you can add more things, you can figure out better ways to produce it, so it gets better and cheaper,” Musk said. With “natural progression of any new technology, it takes multiple versions and large volume to make it more affordable.”
Currently one of the top trade-ins for a Tesla Model 3 is a Toyota Prius, according to statements Musk made during an August earnings call. The Prius, which starts at $23,475, is roughly half the cost of the $49,000 Model 3 starting price.
Musk boasted that Tesla shells out virtually nothing on advertising and endorsements, and relies heavily on word of mouth.
“Where I put all the money into and all the attention into is trying to make the product as compelling as possible,” Musk says. The key to selling a product is having something people love and will talk about, he added.
“If you love it, you're going to talk and that generates word of mouth,” he told Brownlee. That's Tesla's business model: rely mainly on word-of-mouth. The company isn't spending on advertising, according to Musk. And no discounts. Musk said even he pays full retail price on his Tesla cars.
Musk's sit-down was published on YouTube in the wake of an unusually personal New York Times interview, in which Musk displayed rare moments of emotion as he described the pressures of meeting a recent Model 3 production milestone. The bombshell report sent Tesla's stock reeling in Friday's trading, and laid bare concerns among Tesla board members about Musk.
The NYT article landed at a turbulent time for the electric carmaker. Musk upped the ante in his battle against investors betting against Tesla's stock, tweeting recently that he had “funding secured” to take Tesla private at $420 per share. That sent shares soaring, and ultimately prompted the SEC to open a probe, according to reports.
Correction: This version corrects the spelling of Tesla's name.
VW’s CEO was told about emissions software months before scandal: Der Spiegel
FRANKFURT (Reuters) – Volkswagen (VOWG_p.DE) Chief Executive Herbert Diess was told about the existence of cheating software in cars two months before regulators blew the whistle on a multi-billion exhaust emissions scandal, German magazine Der Spiegel said. Herbert Diess, Volkswagen’s new CEO, speaks during the Volkswagen Group’s annual general meeting in Berlin, Germany, May 3,… Continue reading VW’s CEO was told about emissions software months before scandal: Der Spiegel
Wall Street analysts were blown away by the Tesla Model 3’s ‘next-gen, military-grade’ tech — and say that’s why the base model will never turn a profit (TSLA)
Justin Pritchard / Associated Press UBS analysts disassembled a Tesla Model 3 to compare it with other electric vehicles. “Tesla delivered the best powertrain at the lowest cost,” the investment bank told clients. But the car’s “next-gen, military-grade” tech is the reason the base model will never turn a profit. Tesla has struggled to ramp… Continue reading Wall Street analysts were blown away by the Tesla Model 3’s ‘next-gen, military-grade’ tech — and say that’s why the base model will never turn a profit (TSLA)