Senators ask 18 automakers to update cybersecurity info

lettertopSenator Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Ct.) sent updated queries to 18 automakers asking for information on each company’s protections against the threat of cyberattacks. The Senators asked the companies for a description of any changes to their vehicle fleet or characteristics, policies, practices and experiences that may have occurred since the company first responded to Senator Markey’s original letters, sent previously.

Senators Markey and Blumenthal sent letters to Aston Martin, BMW North America, Fiat Chrysler, Ford Motor Company, General Motors, American Honda Motor Co., Hyundai Motors North America, Jaguar Land Rover North America, Lamborghini, Mazda North America, Mercedes Benz USA, Mitsubishi, Nissan North America, Porsche, Subaru Motors America, Tesla, Toyota North America, Volkswagen Group of America (with Audi), and Volvo.

In July, Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.), members of the Commerce, Science and Transportation Committee, introduced legislation that would direct the National Highway Traffic Safety Administration (NHTSA) and the Federal Trade Commission (FTC) to establish federal standards to secure our cars and protect drivers’ privacy.

In February, Senator Markey released the report “Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk.”

The report showed the responses from 16 major automakers; BMW, Chrysler, Ford, General Motors, Honda, Hyundai, Jaguar Land Rover, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen (with Audi), and Volvo. Aston Martin, Lamborghini, and Tesla, manufacturers did not respond.

The data in the report showed that nearly 100% of cars on the market include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.

Senator Markey reported that the previous findings revealed that there is a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to collect and use personal driver information.

Intel Corporation announced the establishment of the Automotive Security Review Board (ASRB) to help mitigate cybersecurity risks associated with automotive IT systems.

Frost & Sullivan’s recent whitepaper, Cybersecurity: Automakers Remain Passive as Government Takes Action, analyzes cyber security challenges, identifies solutions, and outlines a best-practices approach.

The FTC recently offered guidelines for Internet connections in cars.