Industry, DOT unprepared for auto cybersecurity attacks GAO
A new Government Accounting Office (GAO) report discusses challenges faced by the auto industry and the Department of Transportation in dealing with potential auto cybersecurity attacks. A cyberattacker could remotely access a vehicleês steering and braking through the wireless connections that enable hands-free cell phone use, the report says.
Such attacks could potentially impact a large number of vehicles and allow an attacker to access targeted vehicles from anywhere in the world, says the report. Still, such attacks remain difficult because of the time and expertise needed. So far, they have happened only in a research lab.
The technology that could make vehicles more secure could not be incorporated into existing vehicles. It could only be incorporated into vehicle design and production, which takes about five years.
The report notes that the Alliance of Automobile Manufacturers and the Association of Global Automakers have formed an Automotive Information Sharing and Analysis Center to share and analyze cyberthreat information.
U.S. DOT has also started to address vehicle cybersecurity, but has not determined the role it would take in a real-world cyberacttack. NHTSA is studying the need for government standards or regulations on vehicle cybersecurity. Until the safety agency has defined its role, its response to a cyberattack could be slowed.Download Bulletin PDF