DOT, FBI Warn Consumers, Automakers About Connected Vehicle Hacking

Federal transportation and law enforcement authorities last week warned drivers and manufacturers about the increasing dangers posed by hackers to connected vehicles.

Mnet 191313 Security 0

Federal transportation and law enforcement authorities last week warned drivers and manufacturers about the increasing dangers posed by hackers to connected vehicles.

The Department of Transportation, the National Highway Traffic Safety Administration and the FBI issued a joint public service announcement cautioning automakers and auto parts manufacturers that on-board computers and wireless features could inadvertently enable cyberattacks.

In addition, the announcement said that mobile devices or adding third-party systems to a diagnostic port could introduce new access points for hackers.

"In these cases, it may be possible for an attacker to remotely exploit these vulnerabilities and gain access to the vehicle’s controller network or to data stored on the vehicle," the agencies warned.

Officials cited a report last summer from two cyber security experts that gained control of a Jeep Cherokee through a laptop computer.

The friendly hackers could utilize door locks, turn signals and other systems at any speed and, at low speeds, could control the vehicle's engine, brakes and steering.

Fiat Chrysler subsequently recalled 1.4 million vehicles to fix their software, and the maker of its Internet-connected car radios assured consumers that newer systems did not allow similar attacks. Communications provider Sprint, meanwhile, closed an open radio communications port.

The Jeep hackers — Charlie Miller and Chris Valasek — were among the experts to warn of the dangers of connected cars at a recent cyber security conference.

The PSA, meanwhile, also informed drivers about the steps they should take it they suspect a cyberattack, from checking current auto recalls to notifying the FBI.

Authorities urged drivers to keep vehicle software updated and to use caution when modifying software, connecting new devices or granting others access to their cars.

The auto industry, meanwhile, last summer announced plans to develop an information-sharing network to address potential cyber threats.

More in Laws & Regulations