Menu
Senate bill proposes cyber security standard for cars

Senate bill proposes cyber security standard for cars

The proposed legislation will also make drivers aware of what data is being collected

Cars will have to be much better protected against hacking and new privacy standards will govern data collected from vehicles under proposed legislation introduced in the U.S. Senate on Tuesday.

The Security and Privacy in Your Car Act of 2015 seeks to get a step ahead of what is seen by some as one of the next fronts in hacking: connected vehicles, which are always on the Internet and rely on sophisticated computer control systems.

Proposed by Senators Edward J. Markey, a Democrat from Massachusetts, and Richard Blumenthal, a Democrat from Connecticut, the act would mandate that critical software systems in cars be isolated and the entire vehicle be safeguarded against hacking by using "reasonable measures." The proposed bill doesn't define those measures.

Data stored in the car should be secured to prevent unauthorized access and vehicles will also have to detect, alert and respond to hacking attempts in real time.

Under the proposed law, new privacy standards, to be developed by the National Highway Traffic Safety Administration (NHTSA), will require vehicle owners be made aware of what data is being collected, transmitted and shared. Owners will be offered the chance to opt out of such data collection without losing access to key navigation or other features where feasible.

The NHTSA will also be tasked with developing an easy method for consumers to evaluate how well an automaker goes beyond the minimum standards defined in the proposed law.

To date, there have been few examples of cyber attacks on cars, but security researchers have demonstrated that it's possible to take over the critical control systems of a car while it is in motion.

BMW earlier this year patched a vulnerability in its connected drive system that allowed an attacker to remotely unlock a car. BMW had not enabled encryption on its servers, allowing an attacker to mimic the server and send a lock or unlock command to a car. The fix was as simple as enabling HTTPS, but 2.2 million cars had to be upgraded.

Markey took up the issue of cyber security in cars in late 2013, when he sent letters to 20 major automakers asking them how they protected information collected from vehicles and guarded against cyber attacks. The answers to those letters laid the ground for a report published in 2014 that found cars inadequately protected against potential cyberattack.


Follow Us

Join the newsletter!

Or
Error: Please check your email address.

Tags governmentsecuritylegislationbmw

Featured

Slideshows

Bumper channel crowd kicks off first After Hours of 2018

Bumper channel crowd kicks off first After Hours of 2018

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Jefferson in Auckland to kick-start 2018. Photos by Gino Demeer.

Bumper channel crowd kicks off first After Hours of 2018
Looking back at the top 15 M&A deals in NZ during 2017

Looking back at the top 15 M&A deals in NZ during 2017

In 2017, merger and acquisitions fever reached new heights in New Zealand, with a host of big name deals dominating the headlines. Reseller News recaps the most important transactions of the Kiwi channel during the past 12 months.

Looking back at the top 15 M&A deals in NZ during 2017
Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Show Comments