GAO: Feds need better response to car cyber attacks
The Department of Transportation needs to establish a more detailed plan to help automakers respond to the threat of cyberattacks on vehicles, according to a report from the Government Accountability Office.
The report — which was first requested by lawmakers in December 2014 and made available to the public this week — calls for the DOT to better define its own role and clarify how it would interact with other federal agencies and stakeholders in the event of a vehicle cyber attack.
Most modern vehicles have software interfaces that connect to an external network, which researchers found can be exploited either directly or remotely to take over critical safety-functions like breaking and steering.
{mosads}Such attacks remain difficult to carry out, the report noted, and have only been reported in a research setting.
The DOT’s National Highway Traffic Safety Administration has taken steps to enhance vehicle cyber security, including stepping up research and developing guidance to help the industry determine when cybersecurity vulnerabilities should be considered a safety defect.
But the GAO report said the agency has not defined how it would respond to a real-world vehicle cyber attack.
“Until it develops such a plan … the agency’s response efforts could be slowed as agency staff may not be able to quickly identify the appropriate actions to take,” the report said.
Some of the technological solutions that can make a vehicle more secure include message encryption and authentication, but stakeholders emphasized that those features must be incorporated into the vehicle during the design and production process.
The recommendations come as an increasing number of vehicles already contain autonomous features, and self-driving car companies are moving closer to production.
“While connected and driverless vehicles have the potential to greatly improve driver safety and reduce collisions and fatalities, we need to make certain we don’t open the door to cyber threats while implementing these technologies,” said Rep. Daniel Lipinski, (D-Ill.), ranking member on the Science, Space and Technology Subcommittee on Research and Technology.
“We must do all we can to ensure the safety and security of the American people, both from potential collisions and cyber-threats.”
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.