Hackers Prove Chrysler Vehicles are Prone to Dangerous Cyber Attacks

Hackers Prove Chrysler Vehicles are Prone to Dangerous Cyber Attacks
Image: Chrysler
July 22, 2015

Cars continue to get smarter, but increased risk comes right alongside with increased capability.

A flaw in several Fiat Chrysler models allows hackers to remotely control vehicles over the Internet, according to Wired. Hackers can take advantage of the vehicle's Uconnect cellular connection, a feature available in hundreds of thousands of Fiat Chrysler vehicles, to change your radio station, abruptly apply the brakes, or even turn the engine off all together. GPS coordinates are easily tracked as well.

Hackers Charlie Miller and Chris Valasek claim that the loophole exists in late 2013, 2014, and early 2015 models. The hackers claim that Jeep Cherokees are the most prone to hacking, with the Cadillac Escalade and Infiniti Q50 not far behind. While they focused their efforts solely on the Uconnect system, several other telematics systems exist that are not impervious to a security breach.

Miller and Valasek have been sharing their work Fiat Chrysler for the past nine months, allowing the automotive company to work on a patch to close the hacking loophole. On July 16, Fiat Chrysler notified owners of affected vehicles that the software update would be made available. Unfortunately, the update will not automatically upload, forcing customers to implement the update by USB stick or bring their vehicle to the dealership.

In response to this display of vehicle's easily hacked systems, senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) plan to introduce an automotive security bill to set new digital security standards. "Drivers shouldn't have to choose between being connected and being protected," said Markey in a written statement. "We need clear rules of the road that protect cars from the hackers and American families from data trackers."

Markey contacted 20 automakers to gain more knowledge about their security practices. The response he received was described by the senator as "a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of the vehicle." Of the 16 automakers who responded, all confirmed that almost every current model of vehicle has some sort of wireless connection. Only seven of these companies had hired independent security firms to ensure online security.