Fiat Chrysler recalls 1.4 million vehicles after experts were able to hack Jeep

Experts were able to enter the Jeep’s electronics via its online entertainment system, changing its speed and braking capability and manipulating the radio and windshield wipers.
Experts were able to enter the Jeep’s electronics via its online entertainment system, changing its speed and braking capability and manipulating the radio and windshield wipers.CHRYSLER JEEP

NEW YORK (AFP) - Fiat Chrysler Automobiles issued a safety recall for 1.4 million US cars and trucks Friday after hackers demonstrated that they could remotely control their systems while they are in operation.

The recall came after cybersecurity experts Charlie Miller and Chris Valasek remotely commandeered a Jeep Cherokee, made by Chrysler, to demonstrate the vulnerability of the vehicles' electronic systems.

"The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorised, constitutes criminal action," said FCA US, the American arm of the Italian auto group, in a statement.

As reported in Wired magazine and elsewhere, working from laptop computers at home, the two men were able to enter the Jeep's electronics via its online entertainment system, changing its speed and braking capability and manipulating the radio and windshield wipers.

After the report, Chrysler said Wednesday that it was offering a free software patch for vulnerable vehicles even while saying it had no first-hand knowledge of hacking incidents.

The recall announced on Friday involves a broad range of Dodge, Jeep, Ram and Chrysler cars and trucks produced between 2013 and 2015 that have radios vulnerable to hacking.

Customers with recalled vehicles will receive a USB device which they can use to update the vehicle's software.

FCA said it had already taken security steps at the network level for the vehicles' communications systems "to prevent the type of remote manipulation demonstrated in a recent media report."

Those measures, the company said, block remote access "to certain vehicle systems" and were implemented on Thursday.

The company downplayed the threat, stressing that the hack required "unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code."

"No defect has been found. FCA US is conducting this campaign out of an abundance of caution," it said.