Menu
Senate bill proposes cyber security standard for cars

Senate bill proposes cyber security standard for cars

The proposed legislation will also make drivers aware of what data is being collected

Cars will have to be much better protected against hacking and new privacy standards will govern data collected from vehicles under proposed legislation introduced in the U.S. Senate on Tuesday.

The Security and Privacy in Your Car Act of 2015 seeks to get a step ahead of what is seen by some as one of the next fronts in hacking: connected vehicles, which are always on the Internet and rely on sophisticated computer control systems.

Proposed by Senators Edward J. Markey, a Democrat from Massachusetts, and Richard Blumenthal, a Democrat from Connecticut, the act would mandate that critical software systems in cars be isolated and the entire vehicle be safeguarded against hacking by using "reasonable measures." The proposed bill doesn't define those measures.

Data stored in the car should be secured to prevent unauthorized access and vehicles will also have to detect, alert and respond to hacking attempts in real time.

Under the proposed law, new privacy standards, to be developed by the National Highway Traffic Safety Administration (NHTSA), will require vehicle owners be made aware of what data is being collected, transmitted and shared. Owners will be offered the chance to opt out of such data collection without losing access to key navigation or other features where feasible.

The NHTSA will also be tasked with developing an easy method for consumers to evaluate how well an automaker goes beyond the minimum standards defined in the proposed law.

To date, there have been few examples of cyber attacks on cars, but security researchers have demonstrated that it's possible to take over the critical control systems of a car while it is in motion.

BMW earlier this year patched a vulnerability in its connected drive system that allowed an attacker to remotely unlock a car. BMW had not enabled encryption on its servers, allowing an attacker to mimic the server and send a lock or unlock command to a car. The fix was as simple as enabling HTTPS, but 2.2 million cars had to be upgraded.

Markey took up the issue of cyber security in cars in late 2013, when he sent letters to 20 major automakers asking them how they protected information collected from vehicles and guarded against cyber attacks. The answers to those letters laid the ground for a report published in 2014 that found cars inadequately protected against potential cyberattack.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags securitybmwlegislationgovernment

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments