Senator pushes for cyber protections in vehicles

Senator pushes for cyber protections in vehicles
© Getty Images

Sen. Ed MarkeyEdward (Ed) John MarkeyGOP senator announces bill to block companies from tracking online activity Trump faces criticism for hosting Hungary's leader Bill Nye tees off on climate change skeptics: 'The planet is on f---ing fire!' MORE (D-Mass.) wants cybersecurity protections to be incorporated into all internet-connected vehicles.

ADVERTISEMENT

The Department of Transportation (DOT) is in the midst of crafting a proposal to mandate that new cars have vehicle-to-vehicle communication, an emerging system that would enable self-driving cars to talk to one another in an effort to anticipate sudden moves and avoid accidents.

But Markey fears the potentially life-saving technology could also leave drivers vulnerable to a new line of attack if they are not properly shielded from hacking and other cyber threats.

“The internet of things also leads to the internet of threats,” Markey said Tuesday during a Senate Commerce, Science and Transportation subcommittee hearing.

“Today’s new cars are just computers on wheels. Cybersecurity cannot just be an afterthought.”

The Surface Transportation Subcommittee held a hearing on how the so-called internet of things, in which everyday devices are connected to the internet, can transform transportation systems and what steps federal regulators can take to help spur innovation.

Witnesses told lawmakers that internet-connected vehicles have the power to improve traffic, reduce accidents and enhance fuel efficiency.

Automakers are working to bring fully self-driving cars to market but have already developed autonomous features such as lane-keeping assistance, collision warning and automated parking assist.

Markey pressed witnesses on whether the systems should have mandatory cybersecurity protections. He pointed to an experiment where hackers were able to remotely disable the transmission of a Jeep Cherokee, prompting Fiat Chrysler to recall 1.4 million vehicles.

“Thieves no longer need a crowbar to break into a car,” he said.

Markey is backing a bill that would require federal standards on anti-hacking, data security and threat detection for future motor vehicles. It also would require greater transparency on what personal information is collected by vehicles and allow drivers to opt out of any data collection.

Industry experts agreed that some cybersecurity protections are necessary but cautioned that federal regulators must strike the right balance between innovation and safety.

“We need to do it in a way that it’s not offsetting the innovation, but helping it,” said Jordan Kass, president of managed services for logistics provider C.H. Robinson. “Someone is going to innovate, and it needs to be us.”

Carlos Monje, assistant secretary for transportation policy at the DOT, said the agency is collaborating with other government agencies and the industry to understand cybersecurity, but he did not indicate how the upcoming DOT rule on vehicle-to-vehicle communication would address such threats.

A recent Government Accountability Office report called on the DOT to better define its plan for responding to a vehicle cyberattack and how it would interact with other federal agencies and stakeholders in such an event.

Monje said the DOT is assessing solutions to ensure that once a potential vulnerability or hacking technique is identified, the information is quickly shared with other stakeholders.

The agency also has encouraged the automotive industry to form an Information Sharing and Analysis Center, adopt proactive safety principles and develop best practices.

“Cybersecurity is going to be a continuous challenge for the rest of the century,” Monje said.