Serious gaps in security and customer privacy affect nearly every vehicle that uses wireless technology, according to a report out Monday by Sen Ed Markey's (D-MA) office.
The report concludes that security measures to prevent hackers from gaining control of a vehicle are "inconsistent and haphazard".
Markey posed questions to 16 automakers after researchers showed how hackers can get into the controls of some popular cars and SUVs, causing them suddenly to accelerate, turn, sound the horn, turn headlights off or on and modify speedometer and gas-gauge readings.
Today's cars and light trucks typically contain more than 50 electronic control units - effectively small computers, as well as some wireless entry points to these computers, such as tire pressure monitoring systems, Bluetooth, internet access, keyless entry, remote start, navigation systems, wifi, anti-theft systems and cellular-telematics.
Most manufacturers said they were unaware of or unable to report on past hacking incidents. Hackers can get around most security protections cited by manufacturers, according to the security experts Markey consulted.
Information from most manufacturers indicated they wouldn't know about a hacking attempt unless data from the vehicle's computers was downloaded by a dealer or at a service center. Only one manufacturer appeared able to detect a hacking attempt while it was happening.
Most new cars are capable of collecting large amounts of data on a vehicle's driving history through an array of pre-installed technologies, including navigation systems, telematics etc., that allow car dealers to track and disable vehicles whose drivers don't keep up with their payments or that are reported stolen, the report said.
Half the manufacturers said they wirelessly transfer info on driving history from vehicles to another location, often using third-party companies, and most don't describe "an effective means to secure the data," the report said.
The Society of Automotive Engineers has established a security committee that's evaluating the vulnerability of cars to hacking and is drafting "standards and best practices to help ensure electronic control system safety," the alliance said (you'll be sued first)
No comments:
Post a Comment