Funny thing about technology – the more it makes certain tasks in our lives easier – the more it makes us vulnerable to cyber-attacks. And, that includes our cars. As a result of hacking, Fiat-Chrysler announced it was launching the voluntary recall of 1.4 million cars, trucks and SUVs in what was termed “an abundance of caution”. One can only imagine the collective sigh of relief from all auto insurance companies who heard the news.
The recall, which involves Jeeps, Rams, Dodges and Chryslers, came following a demonstration earlier this week by Wired magazine from two “hackers” who took remote control of a Jeep Cherokee’s brakes and other systems. While this is the first remote hacking of a new vehicle, the recall was issued over future hacking fears.
Unfortunately, hackers have proven time and time again that they can breach supposedly secured sites all over the world, which has led to an unprecedented amount of identity thefts. These particular “hackers” gained access through the Uconnect touchscreen entertainment system – a route they said could be available to any Fiat-Chrysler vehicle with the system installed.
The recall covers vehicles equipped with 8.4-inch touchscreens, including:
• 2013-2015 Dodge Vipers
• 2013-2015 Ram 1500, 2500 and 3500 pickups
• 2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
• 2014-2015 Jeep Grand Cherokees and Cherokees
• 2014-2015 Dodge Durangos
• 2015 Chrysler 200, Chrysler 300 and Dodge Charger sedans
• 2015 Dodge Challengers
When the Wired story initially broke, Fiat Chrysler underestimated the number of vehicles affected, and that it would offer a free software update that owners could download and install themselves via USB drive. However, in a more recent move, Fiat Chrysler not only raised the amount of affected vehicles; owners will now get the USB directly from Chrysler, instead of having to go to a dealer as with a traditional recall.
Fiat Chrysler also said it had changed its controls over the network-level access to block the technique used by the hired “hackers”. They had found that every affected vehicle was transmitting its IP address over the Sprint cellular network.
In a statement, Fiat Chrysler announced that “the software manipulation addressed by this recall required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code”. That said, owners of the affected vehicles feel a little less secure knowing that someone could take over the vital controls of their vehicle, creating a possible life and death situation.
Although not labeled a traditional safety recall, the National Highway Traffic Safety Administration (NHTSA) said it would open a separate probe to investigate Fiat Chrysler’s handling of the current problem. This isn’t the agency’s first go-round with the automaker in recent months. In fact, the NHTSA has accused Fiat Chrysler of foot-dragging safety recalls affecting more than 11 million vehicles, and has leveled huge fines and other sanctions for the delays.
Fiat Chrysler revealed in documents given to the agency that it first became aware of the software flaw in January 2014 – 18 months before the Wired article. In a face-saving attempt, Fiat Chrysler also said no one had been able to gain remote access before the hackers.
Chris Valasek and Charlie Miller, the researchers who found the flaw, say they did so to raise awareness about security questions surrounding connected vehicles. This has led most major automakers to provide some kind of data link in their vehicles; while a few, including Tesla and BMW, have even performed over-the-air updates.
Now, with Congress considering new laws on vehicle software safety, the current Fiat Chrysler hacking recall is likely to not be the last.
When shopping for auto insurance, the risk of hacking may become an issue if it isn’t resolved completely. Owning one of these vehicles could raise your premiums – even if you’re a good driver. Make sure you’re getting the best auto insurance rates available. Why not get a free auto insurance quote comparison today?
Knowing these and other vehicles may be vulnerable to hacking; will it deter you from buying one? Feel free to share your thoughts in the comments section below.