The recent news that anyone can shut down an iPhone with a simple text is a reminder of how easy it is to get hacked. The fact that new vehicles are often described as rolling computers only stokes fears that your car may not be safe from someone sitting behind a computer screen thousands of miles away.
In a week where Hyundai and General Motors joyously announced they would be adding Android Auto and Apple’s CarPlay as options on some of their models, concerns about how those systems might enable hackers to gain access to vehicles have been raised.
Consumer Reports sent letters to its 6 million members sounding the alarm on about what it views as lax security measures on the part of automakers.
“Today’s cars use software and electronics to control everything from air conditioning to brakes, from seat belts to acceleration,” said Chris Meyer, vice president, Consumer Reports, in the letter. “Are those computers secure? Probably not secure enough, which is why we need your help right now to make sure your car safety is a priority.”
Meyer points out that the organization has been involved in testing where hackers were able to wrestle control of a vehicle away from a driver, pointing out hackers have been able to control the acceleration and braking of a vehicle. In one instance, a car was turned off during a test using a cell phone.
“While most experts agree that car hacking today isn’t easy, they also agree that the real question is not ‘if’ but ‘when,’” he continued.
(Chevy adding Apple CarPlay, Android Auto to new models. For more, Click Here.)
The letter was a call to arms to push for federal regulations on the security of the computers and electronics used in new vehicles. Automakers currently police themselves, and have a created a set of rules to follow.
Some lawmakers have been examining what’s going on with all of the technology automakers have put into vehicles that allow us to navigate the world while allowing passengers to surf the Internet using the car’s mobile wi-fi connection.
(Click Here for details about Hyundai adding Android Auto to Sonata.)
Sen. Edward Markey (D-Mass.) submitted a list of questions to 16 automakers about their technologies and how secure their specific vehicles are from intrusion. He determined the simple answer was not very. The key findings from these responses are:
- Nearly 100% of cars on the market include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.
- Most automobile manufacturers were un- aware of or unable to report on past hacking incidents.
- Security measures to prevent remote access to vehicle electronics are inconsistent and haphazard across all automobile manufacturers, and many manufacturers did not seem to understand the questions posed by Senator Markey.
- Only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time, and most say they rely on technolo- gies that cannot be used for this purpose at all.
- Automobile manufacturers collect large amounts of data on driving history and vehicle performance.
- A majority of automakers offer technologies that collect and wirelessly transmit driving history data to data centers, including third-party data centers, and most do not describe effective means to secure the data.
- Manufacturers use personal vehicle data in various ways, often vaguely to “improve the customer experience” and usually involving third parties, and retention policies – how long they store information about drivers – vary considerably among manufacturers.
- Customers are often not explicitly made aware of data collection and, when they are, they often cannot opt out without disabling valuable features, such as navigation.
These findings reveal that there is a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to collect and use personal driver information, the report noted.
(To see more about the efforts of automakers to bolster in-car cyber security, Click Here.)
Markey’s finding not only noted that the lack of a consistent set of rules allows for plenty of opportunities for hacking, but also in terms of privacy. He called for the National Highway Traffic Safety Administration and the Federal Trade Commission to develop standards for security and privacy rather than allowing automakers to do so.
Tags: Android Auto, Apple CarPlay, Consumer Reports hacking concerns, Consumer Reports warning, Sen. Edward Markey hacking report, TheDetroitBureau.com., auto news, car computer hacking, cars easy to hack, hackers controlling cars, hacking a car’s computer, in-car computers, michael strong, thedetroitbureau, vehicle computer hacks