Fiat Chrysler recalls 1.4M cars after hack revelations
Fiat Chrysler Automobiles announced a voluntary recall Friday of 1.4 million U.S. vehicles, following revelations that one of its Jeeps could be hacked.
Earlier this week, an online video showing two computer experts hacking into an Internet-connected Jeep stunned the automotive world and caught the attention of Congress. A writer for Wired, who produced the video, posted it Tuesday.
Fiat Chrysler said the recall was being done to update software on vehicles equipped with certain radios, through which the hackers were able to remotely access and take over the Jeep's controls, including brakes and steering.
"The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action," the company said in a statement. Rather than actually turning in their vehicles, customers can receive a USB device with which to upgrade the vehicle's software. A dealer can also update the software.
The company said it also has "applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report."
The measures, it said, block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on Thursday.
The company said it was unaware of any injuries related to the "software exploitation."
Earlier this week, cybersecurity experts Charlie Miller and Chris Valasek showed they could remotely take control of a Jeep driven by a Wired reporter. Their success comes as cars are getting smarter and hacking these complex systems is becoming an increasing concern in the auto industry.
The two, who work as ethical hackers, were miles away using the Internet to get inside the Jeep's "info-tainment" system, which controls its radio and navigation systems. From there, they were able to move to a different processor that was involved in in-vehicle communication including braking and steering.
Miller and Valasek estimate as many as 471,000 vehicles, including Jeeps using Fiat-Chrysler's Uconnect system, could be vulnerable.
The vehicles affected by the recall include 2013-15 Dodge Viper specialty vehicles, 2013-2015 Ram 1500, 2500 and 3500 pickups, 2013-2015 Ram 3500, 4500, 5500 Chassis Cabs, 2014-2015 Jeep Grand Cherokee and Cherokee SUVs, 2014-2015 Dodge Durango SUVs and 2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans.
Customers can input their Vehicle Identification Numbers (VINs) at the Uconnect website to determine if their vehicles are included in the recall.
In February, "60 Minutes" showed the Defense Advanced Research Projects Agency (DARPA) was able to use a laptop to take over a car. DARPA is trying to develop hack-proof vehicles and provided funding for Miller and Valasek's three-year effort.
Following the Wired report, Massachusetts Sen. Ed Markey told CBS News that motorists should anticipate that hackers will target vehicles. The senator is now introducing legislation to require cybersecurity and privacy protections be applied to vehicles.