How the Government is SPYing on Your Car
If you sell cars, then you know a car’s safety is one of the most important features to customers. That’s why the recent Wikileaks “Vault7” leak is a thorn in the side for all auto dealers, but there’s some recent good news that could help you ensure customers that the smart cars you sell won’t be hacked anytime soon.
Ever since automakers started putting computers and monitoring systems inside of cars, there’s always been the fear that someone might be able to hack into an average person’s car and control it. Then, in 2015 two cybersecurity professionals created a video that showed them remotely shutting down the engine on a Jeep Cherokee while it was driving down the highway. The video went viral and fiat Chrysler recalled 1.4 million vehicles in response. The hits keep coming though because the Vault7 leaks showed that the CIA was considering investing serious effort into hacking smart cars. Specifically, the leaks show the CIA targeting vehicle systems from QNX, who is creates operating systems for most automakers. The leaked documents even call QNX systems a, “potential mission area.”
The fact that hacking technology is advanced enough for cars to be viewed as viable targets is frightening enough, but the thought of the CIA creating the technology and techniques adds a painful dose of reality. After all, the reason we know about all of this is that they couldn’t protect their own files, so can you be truly confident that they could protect technology that would let hackers into people’s cars?
People looking to buy cars probably aren’t and that could mean car dealers are going to have a tough time selling their newer cars because for some people those new connected features just became liabilities.
But there is some good news coming from Congress that could give car dealers some ammunition when it comes to selling connected cars. Just this week, two senators reintroduced a bill that would create a standard for automotive cybersecurity and rate cars based on that standard. The Security and Privacy in Your (SPY) Car Act was first introduced in 2015 but failed to become a law. Even then, then Spy Car Act was overdue because cars were already connected and vulnerable to cybercrime. Since 2015 the cybercrime has only increased and so has our reliance on connected devices. Add the fact that our own government is exploring ways to hack into smart cars and you’ve got a real need for the Spy Car Act. The two main benefits of the act are a requirement that requires the National Highway Traffic Safety Administration and Federal Trade Commission to create a set of security standards. Those standards would then be used to make what the bill calls a “cyber dashboard” that would give ratings on vehicles based on how well it met those standards. If you’re a car dealer or just a regular customer looking for a new car this bill is good news because it will ensure that the cars going out on the road are cyber secure with concrete evidence. Plus, the Spy Car Act could give dealers one more selling point that could close the deal with a customer.
Everyone should keep an eye on the SPY Act because for dealers and consumers both it is a step towards regulation and infrastructure that will keep all the connected devices that keep jumping off the assembly line and into our homes secure from hackers. With how connected we are today, this type of legislation is the future. In fact, the same bill has provisions to make sure aircraft manufactures also have a cybersecurity standard. Take the time to educate yourself on cybersecurity standards, otherwise you’ll be left in the dust soon.