Fiat will recall more than 1.4 million Fiat Chrysler vehicles already sold in the US due to cyber security issues. Below are the 10 facts about this recall:
- The recall will only take place in the US as the spokesperson for Fiat told BBC News the vehicles sold in UK do not have the security issues.
- Fiat vehicles with touch-screen radios were recalled to update software to protect against cyber-attacks. Reuters reports the recall of the Fiat Chrysler consists of a collection of vehicles such as the MY Dodge Viper specialty vehicles, Ram 3500, 4500, 5500 Chassis Cabs, Ram 1500, 2500 and 3500 pickups, Dodge Durango SUVs, Jeep Grand Cherokee and Cherokee SUVs, Dodge Charger sedans, MY Chrysler 200, Chrysler 300, and Dodge Challenger sports coupes.
- Customers with their cars recalled will receive a USB to update their software. The software update of the Fiat vehicles will prevent hackers from gaining remote control of the engine, steering and other systems of the car according to the New York Times.
- Earlier this week a report was published in a technology magazine Wired according to which a hacker had taken control of the Jeep Cherokee and had the ability to manipulate the air conditioning, stereo controls, brakes through transmission from only a laptop miles away from the jeep.
- The hack was carried out by Charlie Miller and Chris Valasek, professional security researchers according to Reuters. The point of the hack was to demonstrate the Jeep Cherokee can be hacked through its entertainment system which is connected to the mobile data network. The hack took place by using relatively cheap and simple as off-the-shelf equipment connected to only a laptop to create a DAB station, which broadcasted the malicious hacking data into the car according to BBC News.
- Miller and Valasek have been researching car control systems for years and were able to control the Fiat cars to the point where they could turn the brakes on and off, manipulate the windshield vipers and even completely shut off the engine by only using a remote. Shortly after the recall Miller tweeted if it was cheaper to design more cars or to recall them, reports the LA Times.
- Fiat Chrysler has deemed the hack a ‘Criminal Action’. According to the Fiat spokesperson exploiting the flaw in the Fiat Jeep Cherokee requires unique technological knowledge along with prolonged access to the vehicles and extended time for code writing, therefore manipulating the software is a criminal action.
- The flaw was found in the Uconnect system of the Fiat software. Uconnect allows users to communicate with other Fiat Chrysler cars through their smartphones by using internet over the Sprint’s network. The Uconnect feature allows owners to turn on the engine through a remote, track their car location through GPS and avail from numerous anti-theft features.
- Fiat has addressed the problem to assure car owners saying they are applying ‘network-level security measures’ to ensure safety and prevention of the type of remote control access demonstrated by Miller and Valasek. According to Fiat Chrysler the update blocks out remote control access to their vehicles system with the 8.4 inch touchscreen and so far there have been no complaints from car owners according to the Wall Street Journal.
- The recall by Fiat was announced soon after two US senators introduced legislations to set standards for securing vehicles and protecting consumers’ privacy. The bill calls on the US Federal Trade Commission and the National Highway Traffic Safety Administration to inform consumers how vulnerable vehicles are to a cyber-attack. The bill has been passed with help from the two Fiat hackers Miller and Valaseck. One of the senators Edward Markey also shared he was concerned how long Fiat had known about the security gap and the regulators at Fiat should be immediately taking measure to eliminate vulnerabilities from vehicles on the road reported BBC News.
Originally posted in i4u News