U.S. Senator Edward Markey had quite a lot of questions for automakers in his interview on “CBS This Morning”, when he appeared on the show on Monday. His highest concern was the speed of which manufacturers add a lot of wireless technology in their cars, without providing equal protection against possible hackers.
The very fact that cars have become more comfortable than ever might bring a lot of concerns for car owners. All the wireless tech installed in the board is more or less available for hackers to access personal data or even take control of the vehicles.
Markey’s ground for his questions and arguments is information provided by manufacturer, strongly believing that a lot of the companies in the automotive industry have little awareness over the implications of moving so fast and so reckless into the computer-based age of the automobile.
His main point was asking automakers specific questions about the technology they build in their latest models. The bottom line inquiry of his argument was about whether they also install precautionary measures in order to make sure that the information gathered by board computers (which is often accomplished via wireless) isn’t available to others and/or used in an invasive way.
Markey stated that the transfer of the automobile industry from the combustion engine era to the wireless computer technology is a huge step, involving great implications. No longer do you need a crowbar for breaking into a car; you can simply use an iPad, he said in his interview.
The senator’s questions followed a demonstration of how hackers can override the control of some cars and SUVs, resulting in sudden acceleration of the car, turning it left or right, sounding the horn and turning the headlights on or off. In a report released by Markey’s staff, 16 manufacturers have revealed that their cars are severely lacking in protecting their drivers against theft of personal or automobile information.
Studying the automobile market, we can see that most cars use at least some entry points based on wireless technology. The more modern models on the market usually have more than 50 little computers controlling various features of the cars, such as systems measuring tire pressure, internet access, Bluetooth, Wi-Fi, keyless entry, satnav and anti-theft systems, and remote control. Only three out of sixteen automakers reported that they still have cars without wireless entry on the market, but the demand for these models is declining fast. As Markey said, Americans (and many others) are basically living the driving experience through computers.
Most of the newer models have pre-installed technologies which allow manufacturers to collect large amounts of data concerning the vehicle’s navigation history, through satnavs or emergency assistance systems. Car dealers also have access to this information, allowing them to track and literally deactivate cars which are reported stolen or whose drivers have not completed their payments.
Eight out of sixteen manufacturers transfer the necessary information wirelessly, usually using third-party companies, and most of them do not have a more effective alternative to secure transfer of the data. This complete access to information is vaguely explained under the label of “improving the customer’s experience”, while policies on the statute of limitations on data collected from their drivers also vary greatly.
Some manufacturers make their data collection a transparent issue in customer service, but even so, the driver’s option of opting out of it comes with the price of disabling other important features, such as navigation.
In November 2014, 19 manufacturers comprising the majority of passengers vehicles sold in the U.S. have agreed on setting down some rules for protecting drivers’ privacy. The voluntary treaty had a secondary target of avoiding possible official legislation. In Markey’s opinion, these voluntary efforts don’t do enough to ensure proper protection.
The Alliance of Automobile Manufacturers has taken upon itself to establish an industrywide center for safe analysis and information sharing in regard to cyber-attacks. Beyond the common effort, each member of the alliance individually is making fierce progress in advancing safety in the automobile industry.
The efforts of the Society of Automotive Engineers have resulted in setting up a security committee responsible for the evaluation of car vulnerability in the face of cyber-attacks. The society is now working on drafting a guideline of standards and principles which ensure “electronic control system safety”.
The Association of Global Automakers claims that Markey’s research and the responses he received from the manufacturers are not up to date, and they do not reflect the extensive relationship which exists between the automobile industry and the technology specialists, a relationship which focuses on improving the industry’s take on fighting cyber threats.
Among the manufacturers who provided company information to Markey’s staff are BMW, Chrysler, Ford, General Motors, Hyundai, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Toyota, Volkswagen-Audi and Volvo. Three other car manufacturers didn’t respond: Tesla, Aston Martin and Lamborghini.
Image Source: Technology Tell