If you take a few minutes to think about what hackers go after, you’ll realize that it is anything that has an Internet connection. Thanks to the Internet of Things (IoT) and the increased connectivity in machine to machine (M2M) applications, that covers a lot of ground.
In July of this year, two computer security researchers demonstrated that they could easily take control of a moving Jeep Cherokee. This was accomplished using the car’s wireless communications system, which immediately raised new questions about the safety of Internet-connected cars.
They were able to control the vehicle’s air conditioning blasting cold air at the maximum setting. In addition, they were also able to take control of the radio and switch stations, as well as manipulate the volume. Not only were they able to operate internal features, they sprayed the windshield with wiper fluid and turned the wipers on.
You may think that would be enough, but the two hackers took the opportunity to present an image of themselves on the car’s digital display. It seems the company’s Internet-connected platform Uconnect, which is used to bring entertainment and navigation features to cars, has a big security hole.
I can understand that there is a time for secrecy when it concerns something like national security; what I cannot understand is why Fiat Chrysler Automobiles, maker of the Jeep Cherokee, waited 18 months before telling safety regulators about this issue.
In what we can assume is a response to the July incident, the Alliance of Automobile Manufacturers and the Association of Global Automakers are forming a new group. The result is the Information Sharing and Analysis Center (ISAC), which is an attempt of offer greater cooperation between automakers when it comes to dealing with cyber threats.
The Alliance of Automobile Manufacturers is an association of 12 car and light truck manufacturers that includes BMW Group, Fiat Chrysler LLC, Ford Motor Company, General Motors (News - Alert) Company, Jaguar Land Rover, Mazda, Mercedes-Benz USA, Mitsubishi Motors, Porsche Cars North America, Toyota, Volkswagen Group of American and Volvo Cars of North America.
There are still a lot of details to work out but the hope is that this will be a place where the industry can collaborate in an effort to ensure vehicle security. The expectation is that there will be a full-time staff of security experts designed to deal with and predict security threats. Most major automakers and a host of suppliers will join.
In addition to the hack in July, the month also saw Sen. Markey and Sen. Richard Blumenthal (D-Conn.), introduce a bill to establish a clear set of security standards for automakers to adhere to with their connected technology.