Sens. Seek Update on Auto Cybersecurity, Privacy

Cite recent successful hacking test of brakes, steering

Two powerful Senators have expanded their investigation into the Internet of really fast moving things, in this case connected cars.

Sens. Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.), who launched their investigation into automotive cybersecurity and privacy in 2013, said Wednesday that they have just sent letters to 18 automakers asking for an update on protecting computer systems and vehicle-to-vehicle communications from potentially deadly hacks or invasions of privacy.

With car companies rapidly deploying V2V, including for crash avoidance, the Senators want to know about any changes to the cars' "characteristics, policies, practices and experiences " since 2013.

Markey released a report last year detailing "major gaps" in how companies secured connected cars against hackers and cited the incident from earlier this year when a pair of researchers hacked into a Jeep Cherokee and showed how they could remotely take over control of the steering and brakes.

That scary scenario prompted a letter from the Senators to the National Highway Traffic Safety Administration (NHTSA) in July urging it to investigate and take action.

“As vehicles become increasingly connected to the Internet and to one another through advanced features and services, we continue to see how these technologies present vulnerabilities that can compromise the safety and privacy of drivers and passengers,” the Senators wrote.

The Senators in July introduced the Security and Privacy in Your Car (SPY Car) Act, which would direct the NHTSA and the Federal Trade Commission to set federal standards for securing cars and the data they share and provide consumers with a “cyber dashboard” of data on how well their connected car is protecting their privacy and safety beyond those "minimum" standards.