A U.S. senator has asked 20 automobile manufacturers how each plans to stave off wireless hacking attempts on vehicle computer systems, as well as prevent violations of driver privacy.
“I write to request information regarding your company’s protections against the threat of cyberattacks or unwarranted invasions of privacy related to the integration of wireless, navigation and other technologies into and with automobiles,” wrote Sen. Ed Markey, D-Mass, in a letter to Daniel Akerson, CEO of General Motors, on Monday (Dec. 2).
Markey’s questions imply that he wants carmakers to apply computer-industry security processes, including implementation of anti-virus software, incident logging, incident-response planning, software vulnerability patching and third-party penetration testing — the last of which would stage real hacker attacks on mass-production vehicles.
“Today’s cars and light trucks contain more than 50 separate electronic control units (ECUs), connected through a controller area network (CAN) or other network,” Markey said. “Vehicle functionality, safety and privacy all depend on the functions of these small computers, as well as their ability to communicate with one another.”
Identical letters were also sent to the heads of the North American divisions of Aston Martin, Audi, BMW, Chrysler, Ford, Honda, Hyundai, Jaguar Land Rover, Lamborghini, Mazda, Mercedes Benz, Mitsubishi, Nissan, Porsche, Subaru, Tesla, Toyota, Volkswagen and Volvo. (Audi, Lamborghini, Porsche and Volkswagen share ownership.)