Hack Attack! FCA Recalls 1.4m Vehicles Because Outsiders Can Take Control Remotely by Exploiting the Software

Posted on 24 July 2015 by Ken Zino

FCA US, aka Chrysler, is recalling 1.4 million late model vehicles because hackers can remotely take control of the cars and trucks. Chrysler had previously patched the software for current production, but at the insistence of NHTSA pre-patch models are being recalled. (NHTSA Blasts FCA Recalls – Big Fines, Maybe Criminal Charges Coming for Italian Automaker? Litigation Ongoing.)

“The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action, FCA said in a statement today.

“Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015.

FCA claims it is unaware of any injuries related to “software exploitation,” nor is it aware of any related complaints, warranty claims or accidents – independent of a spectacular media demonstration of vulnerabilities earlier this week when hackers remotely shut off a Jeep Cherokee on a road.

“The software manipulation addressed by this recall required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code,” said the Italian owned company.

Affected Chrysler vehicles include model year 2013-2015 Ram 1500, 2500, 3500, 4500, and 5500, 2015 Chrysler 200, Chrysler 300, Dodge Charger, and Dodge Challenger, 2014-2015 Jeep Grand Cherokee, Cherokee, and Dodge Durango, and 2013-2015 Dodge Viper vehicles.

FCA will notify and mail affected owners a USB drive that includes a software update that it says eliminates the hacking vulnerability. Owners may download the update to their own USB drive from http://www.driveuconnect.com/software-update/ or take their vehicle to a Chrysler dealer for immediate installation.

In an effort to “mitigate the effects of this security vulnerability,” Chrysler has had the wireless service provider close the open cellular connection to the vehicle that provided unauthorized access to the vehicle. “This measure may not have been implemented on all vehicles and does not address access by other means that will be remedied by the software update.”

Tweet

About Ken Zino

Ken Zino, editor and publisher of AutoInformed, is a versatile auto industry participant with global experience spanning decades in print and broadcast journalism, as well as social media. He has automobile testing, marketing, public relations and communications experience. He is past president of The International Motor Press Assn, the Detroit Press Club, founding member and first President of the Automotive Press Assn. He is a member of APA, IMPA and the Midwest Automotive Press Assn. He also brings an historical perspective while citing their contemporary relevance of the work of legendary auto writers such as Ken Purdy, Jim Dunne or Jerry Flint, or writers such as Red Smith, Mark Twain, Thomas Jefferson – all to bring perspective to a chaotic automotive universe. Above all, decades after he first drove a car, Zino still revels in the sound of the exhaust as the throttle is blipped during a downshift and the driver’s rush that occurs when the entry, apex and exit points of a turn are smoothly and swiftly crossed. It’s the beginning of a perfect lap. AutoInformed has an editorial philosophy that loves transportation machines of all kinds while promoting critical thinking about the future use of cars and trucks. Zino builds AutoInformed from his background in automotive journalism starting at Hearst Publishing in New York City on Motor and MotorTech Magazines and car testing where he reviewed hundreds of vehicles in his decade-long stint as the Detroit Bureau Chief of Road & Track magazine. Zino has also worked in Europe, and Asia – now the largest automotive market in the world with China at its center.
This entry was posted in recalls and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *