Car hacking is a scaring reality, modern vehicles use a huge quantity of connected components that could be easily compromised knowing the communication protocol used by principal vendors.
The interest in car hacking gained a high profile last summer when the popular hackers Miller and Valasek hackers remotely hacked a Jeep Cherokee SUV on a St. Louis highway on behalf of the Wired magazine. The hackers exploited security vulnerabilities in the wireless vehicle systems that automakers hope eventually will allow vehicles to communicate with each other.
The car vendor recalled 1.4 million vehicles for a software upgrade after the security duo disclosed the results of their experiment.
Two state senators in Michigan, Mike Kowall (R-White Lake) and Ken Horn (R-Frankenmuth), have proposed a law framework (SENATE BILL No. 927, SENATE BILL No. 928) that addresses car hacking with laws that promise life imprisonment for hackers.
The two draft bills state that anyone who repeatedly attempts to “intentionally access or cause access to be made to an electronic system of a motor vehicle to willfully destroy, damage, impair, alter or gain unauthorized control of the motor vehicle,” is committing a crime and risks the jail.
“I hope that we never have to use it,” said Kowall. “That’s why the penalties are what they are. The potential for severe injury and death are pretty high.”
Charlie Miller expressed his doubts about the new law and highlighted the problems it would cause to the security community.
The law forbids any manipulation of car firmware, even by the car owners.
There is no doubt about the necessity to carefully address cyber security issues in the automotive industry, but let me hope that in the future the experts from the cyber security industry will work together to approach the technical aspects of a law framework that will cover the car hacking.
(Security Affairs – car hacking, connected cars)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.