The inevitable and ugly rise of car hacking became official last Friday, as Fiat Chrysler Automobiles (FCA) announced the recall of 1.4 million vehicles that could be susceptible to cyberattacks. The first-ever recall for a cyber-vulnerability came four days after Wired broke a story about a successful remote hack attempt on a Jeep Cherokee on a road in St. Louis.
In a statement, FCA said vehicles that employ its 8.4-inch touchscreen with Uconnect service are part of the recall. The company said that some models of the Dodge Viper, Dodge Ram, Jeep Cherokee, Jeep Grand Cherokee, Dodge Durango, Chrysler 200, Chrysler 300, Dodge Charger, and Dodge Challenger use the screen.
The recall arose after hackers working with Wired magazine in a live test successfully took over a Jeep vehicle by hacking its infotainment system. In a written statement, FCA senior vice president Gualberto Ranieri noted that hacking the vehicle was not an easy chore. “It took two security researchers, Charlie Miller and Chris Valasek, months to tap into and control certain systems of (the) SUV,” he wrote. “They are experts.”
MORE FROM DESIGN NEWS: Why Automotive Defect Numbers Are Soaring
FCA said it has already developed, tested, and begun distributing a software patch, and is working openly with the National Highway Traffic Safety Administration (NHTSA) on the issue. “…We proactively opened a dialogue with NHTSA and decided, in an abundance of caution, to continue the distribution under the auspices of a recall,” Ranieri wrote.
Owners of the 1.4 million recalled vehicles will receive a USB drive in the mail with the software patch preloaded on it, FCA said. They are being told that they can upgrade the software themselves or have it done at their dealerships.
An NHTSA statement said that it, working with FCA, promoted the idea of a recall. “NHTSA encouraged this action, which meets the critical responsibility of manufacturers to assure the American public that vehicles are secure from such threats, and that when vulnerabilities are discovered, there will be a swift and strong response,” the agency’s statement said.
Reached for comment on the event, software maker Tripwire suggested to Design News that this case of automotive software hacking is an isolated and unlikely event. “As this is still a relatively new area of security research, we will begin to see more vulnerabilities in vehicle systems,” noted Ken Westin, senior security analyst for Tripwire. “As such, car manufacturers will need to develop safe and secure methods of updating software in these systems, either through dealerships or possibly even remotely.”
MORE FROM DESIGN NEWS: What Can Be Done About Car Hacking?
Senior technical editor Chuck Murray has been writing about technology for 31 years. He joined Design News in 1987, and has covered electronics, automation, fluid power, and autos.