Lawmakers urge auto safety agency to end its dangerously reactive approach to cybersecurity
Washington (June 11, 2020) - Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.), members of the Commerce, Science and Transportation Committee, today sent a letter to the National Highway Traffic Safety Administration (NHTSA), following-up on their prior inquiry about the cybersecurity risks of internet-connected cars. In their original letter, the Senators asked NHTSA to share any information it has on the cyber vulnerabilities of connected cars, as well as any actions it is taking to protect the public from such threats.
In NHTSA’s reply, the agency claimed it is “not aware of any malicious hacking attempts that have created safety concerns for the motoring public.” However, this statement sets aside many examples of demonstrated vulnerabilities in connected-cars and indicates a hands-off approach to this growing threat to public safety. Moreover, NHTSA’s reply revealed that the agency is also neglecting to oversee and keep the public informed about over-the-air (OTA) software updates designed to fix safety defects in cars without a physical recall.
“We are deeply troubled by NHTSA’s deafening silence in response to the repeated reports of vulnerabilities and risks of hacking of internet-connected cars,” write the Senators in their letter to Acting Administrator James Owens. “We believe NHTSA must end its dangerously reactive approach to cybersecurity and do more to protect consumers before a malicious attack leading to a fatality occurs.”
A copy of the letter can be found HERE.
Internet-connected vehicles can potentially be hacked and remotely controlled by malicious actors, creating risks not only to the lives of car drivers and passengers, but also to pedestrians and property along the road. To address these risks, Senators Markey and Blumenthal have introduced the Security and Privacy in Your Car (SPY Car) Act, legislation that directs NHTSA and the Federal Trade Commission to establish federal standards to ensure cybersecurity in increasingly computerized vehicles and to protect drivers’ privacy.
In today’s letter, Senators Markey and Blumenthal ask questions that include: