The Internet of Things (IoT) allows us to connect in ways that were not possible just a few years ago. As a result, the security and privacy of any connected device is of utmost importance to today’s consumers and businesses. Having the assurance that data exchanged via these devices is protected gives one the confidence to use these devices without hesitation. Hackers, however, leave no stone unturned, and your automobile is now on the hacker’s radar.
According to a recent Senate report, nearly 100 percent of new cars on the market today may be vulnerable to security and privacy violations. Findings released during a “60 Minutes” segment and reported in a recent CNET article were summarized as follows:
The report, released February 9th by Sen. Edward Markey (D-Mass.), found that a majority of automakers questioned were unaware of or failed to report past hacking incidents.
Although nearly every automaker is adding sophisticated technology, there are no standards governing how automakers secure vehicles’ wireless networks, respond to threats or handle confidential driver data. While security experts have long recognized the vulnerability of these systems, it’s now starting to get legislative attention.
“These findings reveal that there is a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to collect and use personal driver information,” the report reads.
Markey’s report detailed how, as opposed to past hacking demonstrations, hackers no longer need a direct connection to the vehicle to take over its systems. DARPA demonstrated how malware from Bluetooth-connected smartphones and security holes in onboard software, like OnStar, provide numerous avenues to take control remotely.
Because examples of hacks happening to everyday drivers remain largely undocumented, the report added, automakers are not taking them seriously.
“That stuff is very straightforward to protect against, but until you get hacked, you don’t do anything about it,” said Scott McGregor, the CEO of chipmaker Broadcom, which is partnered with automakers like Hyundai and BMW to wire their cars with Internet connectivity.
For more information regarding the security and privacy of smart car technology, see the full CNET article and Senate report.
IT SECURITY SUPPORT: Blue Mountain Data Systems provides IT Security Support Services for Federal Civilian Agencies. Looking to find Vulnerability Scanning and Testing, Penetration Testing, Risk Assessment & FISMA Reporting for your Federal Agency? Call Paul Vesely at 703-502-3416.