A new rule from the United Nations will require connected cars sold in Japan, South Korea and the European Union, among other places, to be protected against cyberattacks, The Wall Street Journal (WSJ) reported.
Last month, 53 countries, not including the United States, signed a resolution requiring companies responsible for approving car models to make sure they’ve got protections against attacks, and manufacturers will have to ensure their suppliers implement the protections and forensic measures to detect and analyze the attacks.
The rules go into detail on what kinds of attacks auto makers will need to prevent, including malware attacks on servers processing data from connected vehicles and attempts to entice drivers to download malicious software, WSJ reported.
Japan said it would begin implementing the rules next year, and South Korea plans to introduce some regulations this year. The EU said it would implement the rules starting in 2022, WSJ reported. And while the U.S. wasn’t a party to the regulations, American auto makers will have to abide by the rules to sell cars in countries that have the new guidelines.
Many global auto makers already implement protections against cyberattacks. But the new rules will require them to document what they’re doing for specific types of attack preventions, check in with authorities annually on how effective the cybersecurity measures have been, and report any new information on the attacks.
Cybersecurity spending in the auto industry is set to almost double in the next decade, from $4.9 billion this year to $9.7 billion in 2030, WSJ reported. The increase is partially due to regulatory requirements, according to a study by consulting firm McKinsey and Co. and Texas-based lobbying group Global Semiconductor Alliance, which works with semiconductor and technology companies.
Safety has been a concern for connected cars in general, with companies making them using technology to protect drivers against crashes, alert them of issues with their vehicles and tell them of recalls and other necessary information.