The office of USA Senator Ed Markey reported today revealed that the vast majority of “connected cars” on the road are vulnerable to hackers for data theft or illegal control.
In particular, the report said the wireless connectivity and internet access to the vehicles opens up security gaps that could be exploited for the purpose of attack.
The study found these security weaknesses in “nearly 100 per cent of cars on the market” and noted that most car manufacturers were unaware of or unable to report on past hacking incidents.
The data was collected from 16 major car manufacturers, who’s vehicles were part of earlier studies on some vehicles which showed how hackers can get into the controls of some popular vehicles, causing them to suddenly accelerate, turn, de-activate brakes, activate the horn, control headlights, and modify the speedometer and gas gauge readings.
There was also a concern of privacy breach as it was noted that many of these connected cars collect data on driving that include route, start and end locations etc.
The report stated that the “alarmingly inconsistent and incomplete state of industry security and privacy practices” raises questions about the need for new US rules from the National Highway Traffic Safety Administration or other federal agencies.
The report reported that hackers can gain access to a car via methods that include Bluetooth wireless connections, the OnStar system for remote assistance, malware in an Android smartphone which is paired with the vehicle, or even an infected CD in the car sound system.
“These findings reveal that there is a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to collect and use personal driver information,” the report said.
The scope of the report involved BMW, Chrysler, Ford, General Motors, Honda, Hyundai, Jaguar Land Rover, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen and Volvo.