Automakers Form Alliance to Fight Car Hacking

Car Hacking

It seems like this has been the summer of car hacking, doesn’t it? Between the remote lock hack, the OnStar hack, the encrypted key fob hack, and that major Wired article revealing a remote wireless hack that prompted FCA to recall 1.4 million vehicles, it’s enough to make you want to go back to a horse and buggy. It’s so bad, the world’s largest automakers have decided to do something about it, sort of: They’ve established an Information Sharing and Analysis Center, “a secure, industry-wide clearinghouse for intelligence about cyberthreats to vehicles and their networks.”

Automotive News reports that the two biggest auto industry supergroups—the Alliance of Automobile Manufacturers and the Association of Global Automakers—are working on this cooperative to share best practices in preventing, detecting, and responding to automotive cybersecurity threats.

“Is it dire right now? I wouldn’t say so, but now is the time to form the ISAC so the infrastructure and trust is there when they need an ISAC,” Denise Anderson, chair of the National Council of ISACs and a former vice president of the financial services industry’s ISAC, told Automotive News. “You don’t want to be caught unprepared. Health care is being heavily targeted right now, but in the past they weren’t.”

ISAC is a term applied to collaborations among companies in a particular sector, and the first such industry-wide centers were established in 1998, when then President Bill Clinton issued a directive to encourage industries to “advance the physical- and cybersecurity of the critical infrastructures of North America by establishing and maintaining a framework for valuable interaction” among players in various industries. Financial institutions were able to respond to a rash of attacks that knocked the websites of dozens of major banks offline in 2012 and 2013 in part because of that sector’s ISAC, Anderson told Automotive News.

Automotive News reports that “every major automaker will participate in the automotive ISAC, with suppliers and telecommunications companies expected to join down the road.” Member companies will use the ISAC to anonymously share information about vulnerabilities and attacks, and the group will have a dedicated staff of analysts to track threats and give out pertinent information to members.



Will the industry’s self-appointed supergroup be able to fix the hacking problems? Lawmakers don’t seem to think so: Senator Ed Markey, long a critic of automakers’ lax cybersecurity stance, and Senator Richard Blumenthal have teamed up to introduce an anti-hacking bill that would require all automakers to “establish minimum security levels for any vehicle software in contact with physical driving controls.”

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s