Fiat Chrysler is recalling about 1.4 million cars after a Wired article published Tuesday revealed that hackers were able to remotely hijack a Jeep steered by a Wired reporter. Charlie Miller and Chris Valasek, the security researchers who acted as hackers, were testing a security hole they found in Chrysler’s Uconnect system, which evidently enables car hackers to gain access to a vehicle through its entertainment system–so much so, that they could even cut the brakes and transmission.
This is the first time cars have been recalled due to a security flaw in “smart car” software that offers convenience, and will help drivers segue to a world of autonomous vehicles. The recall is somewhat atypical in that the cars will not be taken off the streets: Instead, Chrysler has informed auto owners they must either manually update their vehicle with a USB stick, or bring it back to their dealer for software updates.
In a statement, Fiat Chrysler explained that the recall was a preemptive measure, since no hacking incidents have been reported to the company, with the exception of Wired‘s demo:
The Company is unaware of any injuries related to software exploitation, nor is it aware of any related complaints, warranty claims or accidents – independent of the media demonstration.
…The software manipulation addressed by this recall required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code.
No defect has been found. FCA US is conducting this campaign out of an abundance of caution.
The models involved in the recall are outlined in the company’s press release.
There is no legislation or directive in place mandating how automakers should update the software of smart cars when security flaws are discovered. At the moment, these policies are determined by the companies themselves.
[via NBC News]