In a report issued last week Massachusetts Democratic Senator Edward J. Markey says wireless technologies leave vehicles exposed to hackers, and new standards are needed to plug security and privacy gaps in cars and trucks.
Hacking is a serious concern, and the thought of some nefarious thing happening as we drive is scary, to say the least.
Senator Markey’s report, “Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk,” is based on responses from 16 automakers to questions Senator Markey posed last year regarding vehicles’ vulnerability to hackers and how driver information is collected and protected. The report is available here.
Responses were received from BMW, Chrysler, Ford, General Motors, Honda, Hyundai, Jaguar Land Rover, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen (with Audi), and Volvo.
According to Senator Markey, the responses show a vehicle fleet that has fully adopted wireless technologies, including wireless Internet access, but has not addressed the real possibilities of hacker infiltration into vehicle systems.
“Drivers have come to rely on these new technologies, but unfortunately the automakers haven’t done their part to protect us from cyber-attacks or privacy invasions. Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected,” Senator Markey said. “We need to work with the industry and cyber-security experts to establish clear rules of the road to ensure the safety and privacy of 21st-century American drivers.”
The report found that
–Nearly 100 percent of vehicles on the market include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.
–Most automobile manufacturers were unaware of or unable to report on past hacking incidents.
–Security measures to prevent remote access to vehicle electronics are inconsistent and haphazard across the different manufacturers.
–Only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time, and most said they rely on technologies that cannot be used for this purpose at all.
Should we worry? And what should be done? Are automakers taking adequate steps to provide security, or should government take action. The topic deserves a closer look.