US Auto Safety Regulator Warns Carmakers Against Cybersecurity Risks, Calls on Proactive Steps Against Vulnerabilities

The top U.S. auto safety regulator said on Friday that other carmakers must move to address potential cyberhacking vulnerabilities of their vehicles after several cybersecurity experts showed it is possible to remotely take over Internet-enable vehicles.

In a Reuters report,  Mark Rosekind, head of the National Highway Traffic Safety Administration, said automakers must step up and proactively deal with cybersecurity issues following Fiat Chrysler Automobiles NV's recall of 1.4 million vehicles in the U.S. to install a software that would block hackers from commandeering the automobiles remotely.

The recall was triggered by reports that cybersecurity researchers were able to remotely gain control of a Jeep Cherokee engine as it was driving.

The Detroit News, meanwhile, reported that Rosekind's announcement was made the same day General Motors Co. said it will update a smartphone app to prevent hackers from taking control of some functions of its Chevrolet Volt.

The report added that GM issued the statement after a security researcher posted a video on Youtube on Thursday that showed he can control unlock the doors and start an engine of a Volt by hacking into the OnStar Remotelink application.

To determine the extent of the cybersecurity issues of the auto industry, the NHTSA is investigating a radio supplier of Fiat Chrysler, which may have also been used by other carmakers,.

"The supplier didn't just supply radios to Chrysler but to a lot of other manufacturers. A lot of our work now is trying to find out how broad the vulnerability could be," Rosekind said in the Reuters report.

Although Rosekind did not identify the radio supplier, one of the hacking experts who found out about Fiat Chrysler's vulnerability told Reuters the device came from Harman International Industries Inc.

Reuters said the NHTSA is working with researchers at Fiat Chrysler to know more about the hacking and the measures being taken by the company to address the issue. He added that the NHTSA has yet to begin formal investgations on the reported cybersecurity issue of GM.