Feds to Car Makers: Make Sure You’re Ready to Battle Hackers
April 18, 2016
Shah Sheikh (1294 articles)

Feds to Car Makers: Make Sure You’re Ready to Battle Hackers

If 2015 was the year that car hacking became a media sensation, then 2016 is the year it becomes a government fixation. This year, the feds want the auto industry to fix the problem before it becomes widespread, and cars become a target not just for criminals but for terrorists.

Last month the FBI and NHTSA issued a public safety announcement that warned of the threat of car hacking, and more recently federal lawmakers have urged the auto industry to work with stakeholders to step up cyber-security efforts. But while much of the concern around car hacking has surrounded consumers having their vehicles hijacked or their personal data swiped, this week Assistant Attorney General for National Security John Carlin visited Detroit to hammer home that car hacking isn’t just a cause for alarm for drivers but a potential national security threat.

“What brings me here is this is an industry that’s on the cusp of not just an evolution but a revolution in how our cars operate, how they talk to each other,” Carlin said during a presentation at the 2016 Society of Automotive Engineers’ World Congress.

An estimated 220 million vehicles will be connected to the cloud by 2020. And while connectivity can make driving safer and more efficient, it can also be manipulated by terrorists and others to cause harm, Carlin cautioned.

“Within each of those cars will be hundreds of different systems…connected wirelessly,” he said. “What we can see based on the threats we’ve seen in other industries and other areas is…rogue nation states or terrorist groups are looking to exploit this change in technology.”

Horrific Results
Carlin was referring in part to an incident last month in which hackers from the Islamic Revolutionary Guard Corps allegedly infiltrated financial industry computers and databases. One of the accused terrorists also reportedly hacked into the computer system of the Bowman Dam in New York, which contains information on its status and operation.

“It doesn’t take much imagination to see how similar vulnerabilities could be used against us by our adversaries to bring about horrific results,” Carlin said. “Every sector of the economy is a target—infrastructure, financial institutions, entertainment, agriculture, energy and yes, the auto industry.”

Carlin also noted the two security researchers who took remote control Jeep Cherokee last July and disabled it while the vehicle was on a busy highway with a journalist inside. The subsequent media coverage led parent company Fiat Chrysler America to issue a recall for 1.4 million vehicles and resulted in a slew of other research-based hacks.

Source | PCMag