Senator Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.) announced legislation that would direct the National Highway Traffic Safety Administration (NHTSA) and the Federal Trade Commission (FTC) to to take action and federal standards to secure our cars from cyber attacks.

The proposal came right after Sen. Ed Markey’s office released a report stating that millions of cars and trucks are vulnerable to hacking through wireless, remote technologies that could jeopardize driver safety and privacy. This was followed by CBS News’ “60 Minutes” story showing how a leading vehicle brand was subject to remote hacking.

At the hearing, Senator Markey outlined the security and privacy performance standards in the legislation, including:

Security

·      Requirement that all wireless access points in the car are protected against hacking attacks, evaluated using penetration testing;

·      Requirement that all collected information is appropriately secured and encrypted to prevent unwanted access; and;

·      Requirement that the manufacturer or third-party feature provider be able to detect, report and respond to real-time hacking events.

Privacy

·      Transparency requirement that drivers are made explicitly aware of data collection, transmission, and use of driving information;

·      Consumers can choose whether data is collected without having to disable navigation; and

·      Prohibition on the use of personal driving information for advertising or marketing purposes.

The legislation will also call for new cars to be evaluated by a rating system—a “cyber dashboard”—that informs consumers about how well the vehicle protects drivers beyond those minimum standards.  This information will be displayed on the label of all new vehicles – just as fuel economy is today.

“We need the electronic equivalent of seat belts and airbags to keep drivers and their information safe in the 21st century,” said Senator Markey.“There are currently no rules of the road for how to protect driver and passenger data, and most customers don’t even know that their information is being collected and sent to third parties. These new requirements will include a set of minimum standards to protect driver security and privacy in every new vehicle. I look forward to working with my Senate colleagues to advance this important consumer protection legislation.” 

 

“Connected cars represent tremendous social and economic promise, but in the rush to roll out the next big thing automakers have left the doors unlocked to would-be cybercriminals,” said Senator Blumenthal. “This common-sense legislation would ensure that drivers can trust the convenience of wireless technology, without having to fear incursions on their safety or privacy by hackers and criminals.” 

ARGUS IDPS – PREVENTION IS BETTER THAN CURE

As a tested and field-proven solution for automotive cyber security, the Argus IDPS detects hacking attempts and prevents them from affecting a vehicle’s mission-critical systems. It also notifies car manufacturers in real-time when these attempts are happening, as was also demonstrated last month at CES.

In addition, Argus Vulnerability Assessment Services help identify vulnerabilities in advance, while complying with emerging regulation.

Learn how Argus helps ensure passengers’ safety and prevent the next massive cyber-recalls.

Regards,

The Argus Team
Recent Posts
Contact Us

For a sense of how easy it will be to put ARGUS IPS solutions in your current and future production-line and hearing more about our unique technology, please fill in the form below.