On-Board Diagnostic (OBD-II) Ports within Your Car = Potential Gateway to Hackers
ICYMI: Citing Security and Safety Concerns, E&C Leaders Request NHTSA Develop Plan of Action for OBD-II Ports within Vehicles
Is your car vulnerable to hackers? House Energy and Commerce Committee Chairman Fred Upton (R-MI), Communications and Technology Subcommittee Chairman Greg Walden (R-OR), Oversight and Investigations Subcommittee Chairman Tim Murphy (R-PA), and Commerce Manufacturing and Trade Subcommittee Chairman Michael C. Burgess, M.D. (R-TX), earlier this week sent a letter on the subject to the National Highway Traffic Safety Administration.
Continuing their work to protect drivers on the road, the members outlined security and safety concerns with the On-Board Diagnostic (OBD-II) ports within vehicles. Members also requested that NHTSA Administrator Mark R. Rosekind convene an industry-wide effort to develop a plan of action for addressing risks associated with the OBD-II ports. As Reuters reporter David Shepardson put it, “The U.S. government is taking the issue seriously.”
September 12, 2016
Four U.S. lawmakers urge safety agency to address vehicle hacking
By David Shepardson
Four Republican members of Congress on Monday urged U.S. auto safety regulators to convene an industry-wide effort to prevent possible attacks on computer systems in vehicles.
The lawmakers addressed their concerns in a letter to the U.S. National Highway Traffic Safety Administration. While there have been no reported cases of vehicle hacking, researchers have shown they could take remote control of vehicle functions such as car horns, brakes and power steering.
The letter cited work published in August by Wired magazine by two researchers who were able to force a Fiat Chrysler Automobiles NV 2014 Jeep SUV to perform in an “erratic and unsafe manner” after accessing its on-board diagnostics (OBD) port. Automakers have been required to install the port in all vehicles since 1994 to test for emissions compliance.
The letter from Representative Fred Upton, a Michigan Republican who chairs the House Energy and Commerce Committee, and three others said the port “as it currently exists creates a growing risk to the safety and security of passengers.”
Fiat Chrysler said in August the demonstration published by Wired required “a computer to be physically connected into the vehicle’s” port. The company emphasized that owners should “not connect any unknown or untrusted devices to the OBD port.”
NHTSA didn’t immediately comment on the letter. The safety agency has said it plans to release cybersecurity guidelines to the auto industry in the coming weeks.
The U.S. government is taking the issue seriously.
On Friday, the U.S. Justice Department said it has formed a threat analysis team to study potential national security challenges posed by self-driving cars, medical devices and other internet-connected tools.
The Federal Bureau of Investigation and NHTSA issued a bulletin in March warning that motor vehicles were “increasingly vulnerable” to hacking.
Read the full article online HERE.