Recently manufactured cars expose drivers to hacking attacks that could cause collisions and steal sensitive personal information, according to a report released Monday by a US Senator.
The majority of model-year 2014 cars offer network-connected features that provide driving directions, messaging, hands-free phone calls, safety monitoring, and entertainment. But a lack of security defenses makes it possible for those features to be remotely hijacked, potentially giving attackers the ability to control critical functions such as steering and braking, the 12-page report warned. Monday's report was issued by the office of US Senator Edward Markey, a member of the Senate Commerce Committee, which has jurisdiction over the auto industry. The report is the result of correspondence with 20 automobile manufacturers that received questions from Markey about the security mechanisms they employ to prevent hacking attacks.
"These findings reveal that there is a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to collect and use personal driver information," the report warned.
The senator's report found that anti-hacker measures in nearly every single one of these cars were "inconsistent and haphazard." That's putting it lightly.
Long story short, it's obvious that carmakers aren't taking security and privacy seriously in these newly internet-connected vehicles. The report found "a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle."
We kind of knew that this might be a problem, but news that it's so widespread is a huge concern. While, GE rolled out its OnStar 4G LTE wireless system to millions of cars last fall, similar features have been available on other brands like Audi and Chrysler for a while. Wireless features are even more common on high-end models.