Fiat Chrysler recalls vehicles to prevent hackers from taking control
Meanwhile, members of the Congress and NHTSA officials have expressed their concerns about the security of vehicles with internet-connected systems. The cause of the problem exists in the Uconnect system, which lets smartphone users communicate with certain Fiat Chrysler cars over the Internet using Sprint’s network.
In total, there are 1.4 million of these models on the roads.
If hacking into vehicles can be profitable, it might become more common, said Stephen Checkoway, assistant professor of computer science at the University of Illinois, Chicago. If you supply your own blank USB drive, it’s possible to download the update from Chrysler’s website and install it yourself without waiting for the mailed USB drive. But documents show that the wider recall came at the urging of government safety regulators.
Fiat Chrysler has issued a safety recall affecting 1.4m vehicles in the US.
In a controlled experiment documented by Wired, two hackers remotely wreaked havoc on a Jeep – doing everything from blasting cold air through the vehicle’s vents to blaring loud music through the speakers and spraying windshield wiper fluid – before disabling the SUV and leaving it stranded on the side of the highway.
The researchers behind the stunt, Charlie Miller and Chris Valasek, took over the auto from miles away, through the Uconnect service, which links the infotainment systems in Fiat-Chrysler vehicles to the Internet.
Postmedia reports that earlier this year BMW offered customers a software patch after hackers were able to remotely unlock the doors of its cars.
The recall also includes the 2013-’15 Dodge Viper; 2013-’15 Ram 1500, 2500 and 3500; 2013-’15 Ram 3500, 4500 and 5500; 2014-’15 Dodge Durango; 2015 Chrysler 200, Chrysler 300 and Dodge Charger and 2015 Dodge Challenger. The researchers who discovered the vulnerability say it took months to write the code to get into the vehicle’s system.
The agency’s chief, Mark Rosekind, said NHTSA cybersecurity experts would scrutinize the recall, allowing the government to “further assess” the company’s response.
“We were able to access the jeep Cherokee over its 3-G connection”, said Valasek of Shadyside. Security is one of the most important responsibilities of a major software company. The automaker said it has applied “network-level security measures” that would prevent the type of remote control access demonstrated by the researchers. Fiat Chrysler says it provides added security beyond the cellular network fixes. Alternately, customers may visit http://www.driveuconnect.com/software-update/ to input their Vehicle Identification Numbers (VINs) and determine if their vehicles are included in the recall.