Senators want to shore up automotive cybersecurity

Congress is taking an interest in a new kind of mobile cybersecurity. As computers control more and more of the functions of modern cars, the more vulnerable they are to getting hacked. A pair of senators is looking to set federal standards governing both the security of cars with network-connected computers, and the privacy of the drivers.

The legislation from Sens. Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) would establish the National Highway Traffic Safety Administration and the Federal Trade Commission as regulators of security and privacy in connected cars.

"Drivers shouldn’t have to choose between being connected and being protected. We need clear rules of the road that protect cars from hackers and American families from data trackers," Markey said.

The bill would create performance standards to require "reasonable measures" against hacks and require automakers to conduct penetration testing on their own systems while implementing data security to guard against exfiltration of data stored in cars and on connected networks. The legislation also calls for technology to detect and report intrusion attempts.

Efforts by automakers to thwart hacks and promote cyber hygiene will be tracked on a "cyber dashboard" set up by NHTSA and the FTC. The dashboard information would be displayed on new cars at dealerships.

The bill comes the same day as a report in Wired that detailed how two security researchers were able to remotely hack into and take control of a Jeep Cherokee.