Concerns Mount Over Vehicle Cybersecurity and Consumer Privacy
- A U.S. senator wants answers from automakers about cybersecurity and consumer privacy concerns as wireless technology becomes standard in many vehicles.
- Edward J. Markey (D-Mass.) sent letters in early December to 20 major automakers requesting information about how consumers are protected from "cyberattack or unwarranted violations of privacy."
WASHINGTON — A U.S. senator wants answers from automakers about cybersecurity and consumer-privacy concerns as wireless technology becomes standard in many vehicles.
Edward J. Markey (D-Mass.) sent letters in early December to 20 major automakers requesting information about how consumers are protected from "cyberattack or unwarranted violations of privacy."
"As vehicles become more integrated with wireless technology, there are more avenues through which a hacker could introduce malicious code, and more avenues through which a driver's basic right to privacy could be compromised," Markey wrote in a letter posted on his official Web site.
The companies receiving the letters include Chrysler, Ford, General Motors, Lamborghini and Tesla Motors.
Markey, a member of the Commerce, Science and Transportation Committee, said: "These threats demonstrate the need for robust vehicle security policies to ensure the safety and privacy of our nation's drivers.
"Airbags and seatbelts protect the safety of drivers, but we also need car companies to ensure the security and privacy of those in automobiles in this new wireless age."
Researchers say that it is possible for an attacker to get "remote code execution" on the electronic control units or ECU in vehicles via various interfaces such as the Bluetooth interface and the telematics unit.
Markey cited a 2011 study that demonstrated how commands could be sent through a car's computer system that could cause it to suddenly accelerate, turn or kill the brakes.
The senator wants to know whether vehicles include technology that detects or monitors for "anomalous activity or unauthorized intrusion through wireless entry points or wireless control units," among other things.
He also wants to know which vehicles include technologies that "can enable the remote shut-down of a vehicle, and are consumers made aware of this capability before purchase, lease or rental of the vehicle?"
The International Society of Automotive Engineers has a Vehicle Electrical System Security Committee that is responsible for recommending strategies and techniques related to "preventing and detecting adversarial breaches."
The new committee is charged with classifying "attack methods" and proposing preventive strategies. The committee members include OEMs, suppliers and the government.
Edmunds says: Hacking, breaches and privacy concerns in vehicles are rapidly getting the attention of lawmakers.