FBI warns automakers, owners about hacking risks

Friday, 18 Mar 2016 | 6:22 AM ETReuters

The FBI and U.S. National Highway Traffic Safety Administration (NHTSA) issued a bulletin Thursday warning that motor vehicles are “increasingly vulnerable” to hacking.

“The FBI and NHTSA are warning the general public and manufacturers — of vehicles, vehicle components, and aftermarket devices — to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles,” the agencies said in the bulletin.

In July 2015, Fiat Chrysler Automobiles recalled 1.4 million U.S. vehicles to install software after a magazine report raised concerns about hacking, the first action of its kind for the auto industry.

Also last year, General Motors issued a security update for a smartphone app that could have allowed a hacker to take control of some functions of a plug-in hybrid electric Chevrolet Volt, like starting the engine and unlocking the doors.

In January 2015, BMW said it had fixed a security flaw that could have allowed up to 2.2 million vehicles to have doors remotely opened by hackers.

“While not all hacking incidents may result in a risk to safety – such as an attacker taking control of a vehicle — it is important that consumers take appropriate steps to minimize risk,” the FBI bulletin said Thursday.

NHTSA Administrator Mark Rosekind told reporters in July 2015 that automakers must move fast to address hacking issues.

The Fiat Chrysler recall came after Wired magazine reported hackers could remotely take control of some functions of a 2014 Jeep Cherokee, including steering, transmission and brakes. NHTSA has said there has never been a real-world example of a hacker taking control of a vehicle.

Two major U.S. auto trade associations — the Alliance of Automobile Manufacturers and Association of Global Automakers — ate last year opened an Information Sharing and Analysis Center. The groups share cyber-threat information and potential vulnerabilities in vehicles.

The FBI bulletin Thursday warned that criminals could exploit online vehicle software updates by sending fake “e-mail messages to vehicle owners who are looking to obtain legitimate software updates. Instead, the recipients could be tricked into clicking links to malicious Web sites or opening attachments containing malicious software.”

SHOW COMMENTS Please add a username to view or add commentsPublic Username for Commenting

View the original article here

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s