Automakers Push Back as Research Shows Car Hacking

Automakers Push Back as Research Shows Car Hacking

To manufacturers, the increased technology in vehicles leads to a world of networked cars that have fewer deadly crashes, reduced traffic and new revenue systems. But to data security researchers, a world of networked cars could only lead to possible vectors of attack – high velocity weapons and roving data-reapers – posing as enticing targets for hackers.

As part of a series of Congressional hearings focused on tech issues, representatives of Tesla, General Motors and Toyota were asked to appear in front of an oversight subcommittee in the House of Representatives in late November. After lawmakers voiced concerns over consumer privacy, data collection and network security, the automakers responded with a unified message: Premature regulation can deter or block safety innovations.

Toyota vice president of connected services, Sandy Lobenstein, said that the auto industry has tried to tackle this fear together. The automakers developed privacy principles together for the new networked cars and believed they were at the forefront of protecting consumer data in the emerging Internet of Things.

Of particular interest to the members of Congress is the possibility of advancing industry-wide standards for cybersecurity and consumer privacy. Several lawmakers mentioned a widely-read article in which security researchers were able to hack at Jeep Cherokee and remotely tamper with its brakes, steering and engine.

While the government wants initiate a one-year government study to recommend regulations for automotive software, safety, cybersecurity, and privacy, the automotive representatives pressed that the industry was not going to be able to wait that long. Harry Lightsey, executive director for consumer experience at General Motors, mentioned that the company was already hard at work developing technologies intended to limit collisions and protect connected cars from being hacked.

When asked by Rep. John Mica, a republican from Florida, if an industry-wide cyber security standard exists, all automakers were not able to indicate if a set group of principles were set.

Location data, credit card numbers and text messages are all things that may be stored in a car now. And, according to Khaliah Barnes, associate director for the Electronic Privacy Information Center, carmakers are not doing a good job telling consumers how that data is used.

Barnes supports a Senate bill that would establish baseline federal standards for automobile cybersecurity, instituting federal penalties for car hacking. The same proposal limits how car data can be shared with marketers and other third parties.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Only 35 Percent of Companies Include Cybersecurity Teams When Implementing AI

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3