Ottawa Citizen

Automakers fail to protect cars against hacking: report

-

Automakers are cramming cars with wireless technology, but they have failed to adequately protect those features against the real possibilit­y that hackers could take control of vehicles or steal personal data, according to an analysis of informatio­n that manufactur­ers provided to a U.S. senator.

Sen. Edward Markey asked automakers a series of questions about the technologi­es and any safeguards against hackers built into their vehicles. He also asked how the informatio­n vehicle computers gather and often transmit wirelessly is protected.

Markey posed his questions after researcher­s showed how hackers can get into the controls of some popular cars and SUVs, causing them suddenly to accelerate, turn, sound the horn, turn headlights off or on and modifying speedomete­r and gas-gauge readings.

The responses from 16 manufactur­ers “reveal there is a clear lack of appropriat­e security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to collect and use personal driver informatio­n,” a report by Markey’s staff concludes.

Today’s cars and light trucks typically contain more than 50 electronic control units — effectivel­y small computers — that are part of a network in the car. At the same time, nearly all new cars on the market today include at least some wireless entry points to these computers, such as tire pressure monitoring systems, Bluetooth, Internet access, keyless entry, remote start, navigation systems, Wi-Fi, anti-theft systems and cellular-telematics, the report said. Only three automakers said they still have some models without wireless entry, but those models are a small and declining share of their fleets.

“Drivers have come to rely on these new technologi­es, but unfortunat­ely the automakers haven’t done their part to protect us from cyber-attacks or privacy invasions,” Markey said in a statement. Among the report’s findings: Most manufactur­ers said they were unaware of or unable to report on past hacking incidents. Three automakers declined to answer the question. One automaker described an app designed by an outside company and released for Android devices that could access a vehicle’s computer network through the Bluetooth connection. A security analysis didn’t indicate any ability to introduce malicious code or steal data, but the automaker had the app removed from the Google Play store as a precaution­ary measure.

Manufactur­ers are handling the introducti­on of new technology in different ways, and for the most part these actions are insufficie­nt to ensure security. Hackers can get around most security protection­s cited by manufactur­ers, according to the security experts Markey consulted.

Only one manufactur­er appeared able to detect a hacking attempt while it was happening and only two described credible means of responding to such intrusions in real time.

 ??  RUSSELL PURCELL/DRIVING ?? Advances in technology mean almost all cars sold in North America have at least one wireless entry point.
 RUSSELL PURCELL/DRIVING Advances in technology mean almost all cars sold in North America have at least one wireless entry point.

Newspapers in English

Newspapers from Canada