US senator raises red flag over cyber security in cars

Vehicles’ internal networks ‘largely unprotected’, could lead to wireless unlocking of doors

Tags: Cyber crimeUSA
  • E-Mail
US senator raises red flag over cyber security in cars Over 90% of 2014 models used wireless technology to some degree, whether it was connectivity to allow quick mechanical diagnostics in service centres or Bluetooth hook-ups for smartphones.
By  Stephen McBride Published  February 10, 2015

A US senator who questioned 20 car makers about the security of wireless access in their vehicles has raised concerns about "largely unprotected" systems, The Register reported.

Senator Ed Markey (D-MA) received responses from 17 of the 20 companies he contacted, with only Tesla, Aston Martin, and Lamborghini failing to reply. All 17 (BMW, Chrysler, Ford, General Motors, Honda, Hyundai, Jaguar Land Rover, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen with Audi, and Volvo) integrated considerable data-driven tech in their 2014 models, with a number of respondents installing as many as 50 electronic control units (ECUs), which communicated over internal networks.

The Register suggests that, while the CAN (controller area network) bus, which presides over critical systems such as engines, steering wheels and brakes, is relatively isolated, lack of encryption and firewall provisions in other systems mean it is theoretically possible to, for example, open doors wirelessly.

Weak security could also allow malicious third-parties to install malware to monitor where the vehicle has been and how fast it was travelling.

"Drivers have come to rely on these new technologies, but unfortunately the automakers haven't done their part to protect us from cyber-attacks or privacy invasions," said Markey, a member of the Senate's Commerce, Science and Transportation Committee.

"Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected. We need to work with the industry and cyber-security experts to establish clear rules of the road to ensure the safety and privacy of 21st-century American drivers."

Continues on next page>>

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code