A major breach in the digital security of many automobiles has allowed hackers to access critical systems and controls, posing a significant danger to the public. In response, a car hacking class action lawsuit has been filed on behalf of consumers in the U.S. District Court for the Northern District of California.
The system in question is the CAN bus system installed in many vehicles. The CAN bus stands for “controller area network,”. It allows vehicle microcontrollers and other devices to communicate with each other without the help of a host computer. A CAN bus system can contain as many as 70 electronic control units. Each one of which is connected to vital functions such as engine control, steering, air bags, transmissions, and more.
The car hacking class action suit in California has been brought on behalf of several plaintiffs by the Stanley Law Group of Dallas, Texas.
Concerns about the vulnerability of these systems first arose in February 2015, after a segment on “60 Minutes” showed hackers gaining remote access to essential vehicle controls.
Potential members of the car hacking class action against automakers include owners of any vehicle with a CAN-bus system. Including onboard Wi-Fi, OnStar, or Lexus Connect. This covers a variety of vehicles, such as the 2008 Lexus RX 400H, 2014 Ford Escape, and 2013 Chevrolet Volt.
Marc Stanley, the case’s lead attorney, claimed that automakers have purposely hidden the dangers associated with CAN-bus systems. Thus allowing manufacturers to profit from increasingly sophisticated electrical systems that demand higher prices from consumers.
Aside from this charge of consumer fraud, the lawsuit also hopes to produce a judgment forcing automakers to include more secure CAN-bus systems in all future vehicles.
It is still unclear which side will prevail. There have been no injuries linked to hackers taking control of a vehicle’s CAN-bus. In fact there have been no reported instances of malicious CAN-bus infiltration at all.
Regardless, federal lawmakers have already began to take issues into their own hands. On July 21, Senators Ed Markey and Richard Blumenthal introduced legislation that would require cars sold in the United States to meet certain standards of protection from digital attacks.
The proposed bill would require the National Highway Safety and Transportation Administration and the Federal Trade Commission to create new security standards for the devices. Thus making it more difficult for attackers to gain control of a vehicle and also protecting sensitive information. Which includes GPS logs, and keeping them from falling into the wrong hands.