Published: July 22, 2015 | Washington. D.C., United States
Two Democratic senators introduced legislation requiring federal standards to prevent hacking of the nation’s 250 million cars and trucks. Sens. Richard Blumenthal, D-Conn., and Ed Markey, D-Mass., unveiled legislation that would direct the National Highway Traffic Safety Administration and the Federal Trade Commission to establish federal standards to secure cars and protect drivers’ privacy. The Security and Privacy in Your Car, or SPY Act, “also establishes a rating system — or ‘cyber dashboard’ — that informs consumers about how well the vehicle protects drivers’ security and privacy beyond those minimum standards.
“Rushing to roll out the next big thing, automakers have left cars unlocked to hackers and data trackers. This common-sense legislation protects the public against cybercriminals who exploit exciting advances in technology like self-driving and wireless connected cars. Federal law must provide minimum standards and safeguards that keep hackers out of drivers’ private data lanes. Security and safety need not be sacrificed for the convenience and promise of wireless progress.” – Richard Blumenthal
As vehicles grow increasingly connected through wireless networks and become more dependent on sophisticated electronic systems, Congress and federal regulators are worried about the potential for hackers to interfere with vehicle functions. Vehicles are vulnerable to hacking through wireless networks, smartphones, infotainment systems like OnStar — even a malicious CD popped into a car stereo.
Earlier this year, CBS News’ “60 Minutes” aired a segment showing how vehicles can be subjects of remote hacking. In January, BMW AG said it had fixed a security flaw that could have allowed up to 2.2 million vehicles to have their doors remotely opened by hackers. The “60 Minutes” segment showed a researcher with a laptop hacking into a new car — turning on windshield wipers, sounding the horn, deactivating brakes — as correspondent Lesley Stahl was unable to stop in a parking lot. Automakers and the “60 Minutes” report note that there is no known real-world case of a car being hacked remotely. But the program notes that “security cameras have shown cars burglarized by hackers unlocking doors. You can find software to do that online for $25.
Consumer advocates praised the bill
The standards would require automakers to ensure that all access points in the car are equipped with reasonable measures to protect against hacking attacks, including isolation of critical software systems and evaluated using best security practices. It would also require that vehicle owners are made explicitly aware of collection, transmission, retention, and use of driving data.
Source: Detroit News