Government Announces New Auto Cybersecurity Recommendations

U.S. National Highway Traffic Safety Administration (NHTSA) announce for new cybersecurity recommendations to protect cars from hackers.

On Monday, U.S. regulators said automakers should provide some sort of electronic cybersecurity protection against malicious hackers. The cybersecurity guidelines were released by the U.S. National Highway Traffic Safety Administration and, at the moment, are only recommendations and not rules. However, this is the first step towards establishing guidelines that car manufacturers should follow in order to protect car owners from hackers.

Some of the cybersecurity recommendations from the U.S. National Highway Traffic Safety Administration include conducting tests of vehicle systems in order to see if hackers can penetrate the layers of security. Their test results should then be analyzed and documented.

The Alliance of Automobile Manufacturers, which includes General Motors, Ford Motor Company and several other auto manufacturers, support the new recommendations by the NHTSA.

However, Democratic U.S. Senator Ed Markey of Massachusetts and Richard Blumenthal of Connecticut said the new cyber security regulations fall short of protecting U.S. citizens.

“If modern day cars are computers on wheels, we need mandatory standards, not voluntary guidance, to ensure that our vehicles cannot be hacked and lives and information put in danger,” the lawmakers said in a statement Monday.

This news comes after a Jeep Grand Cherokee was hacked by a cybersecurity researchers, Charlie Miller and Chris Valasek. The two hackers were able to remotely manipulate the air-conditioning, radio and even shut down the car’s transmission.

Last March, the FBI and the Department of Transportation issued a joint public service announcement warning car owners about the susceptibility of newer cars and how consumers can protect themselves. The announcement asserted that anyone who believes their car may have been hacked should immediately contact the car manufacturer, National Highway and Traffic Safety Administration and the FBI. In addition, new legislation called the Security and Privacy in Your Car Act of 2015 (SPY CAR ACT) would ensure cars sold in the U.S. meet a certain level of protection against hackers and protect the data stored by the vehicles.

In addition, the SPY CAR ACT would enforce automakers to place a “cyber dashboard” informing consumers about the amount of protection the automobile has against hackers.

“NHTSA must also conduct a rulemaking to require the fuel economy labeling that manufacturers attach to motor vehicles to display a “cyber dashboard” with a standardized graphic to inform consumers about the extent to which the vehicle protects individuals’ cybersecurity and privacy beyond the minimum requirements.”

Despite being introduced to the Senate in 2015, the SPY CAR ACT is currently being reviewed by the Committee on Commerce, Science, and Transportation.