Fiat Chrysler to recall 1.4 million vehicles in US to prevent hacking

25 Jul 2015 | Author: | No comments yet »

1.4mn vehicles recalled over remote hack vulnerability.

NEW YORK (AP) — Fiat Chrysler said Saturday that it is recalling more than half a million more trucks in the U.S. to fix faulty impact sensors, a day after it announced an even bigger U.S. recall to update vehicles’ software in order to safeguard it from hacking. Concerns about cars have been percolating among computer security experts for years, as automakers rushed to keep cars abreast with the demands of increasingly connected, tech-happy consumers. (M.Just days after hackers demonstrated that they could remotely access Jeep Cherokee’s electronic entertainment system, control cars while engines are running, or even crash one, Fiat Chrysler Automobiles has recalled some 1.4mn vehicles for a software update.

The faulty sensors could cause seat belt pre-tensioners to activate and air bags to deploy unexpectedly, increasing the risk of a crash or injury, according to a statement posted on the U.S. Spencer Green/Associated Press) Instead, the noted security expert and co-founder of the SecTor conference says he just repeats what has been true of electronic security since, at least, the mid 1990s. The company also disclosed in government documents that the hackers got into the Jeep through an electronic opening in the radio and said it would update software to close it. The recall announced on Friday involves a broad range of Dodge, Jeep, Ram and Chrysler cars and trucks manufactured between 2013 and 2015, equipped with touchscreen infotainment radio system, proved to be vulnerable to remote hacking. “The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action,” said FCA US, the American arm of the Italian auto group, in a statement.

In fact, Bourne says, today’s modern cars — which include any number of gadgets that can be accessed over the internet or cellphone networks — can be just as susceptible to hackers and malware as a desktop computer was in 1995. “History repeats itself,” Bourne told CBC News. “Every time new technology emerges, there’s a general rush to get out something cool, something to get consumers excited. Bourne says he was pleased to hear about the Jeep Cherokee hack, which was demonstrated on a willing participant, because it puts pressure on automakers to pay more attention to electronic security, which in a car represents a very real risk to life and limb. It came as the industry is rapidly adding internet-connected features such as WiFi and navigation that are convenient for drivers but make the car more vulnerable to outside attacks. “I think it’s a pretty big deal,” said James Carder, chief information security officer for LogRhythm Inc., a Boulder, Colorado, security company. “This isn’t intellectual property going out the door, this is 1.4 million lives on the line.” Automakers, he said, have become accustomed to testing mechanical safety, but most aren’t doing enough online security testing. Research “clearly shows that security between the various systems in a vehicle all communicate rather openly without security firewalls or sender verification,” Bourne said.

Interestingly, a Fiat blog entry by Gualberto Ranieri stated the company was aware the hackers were doing ongoing research intentionally hacking Miller’s vehicle over the past year, and that they had communicated with the company about aspects of their work. “To [the] FCA’s knowledge, there has not been a single real world incident of an unlawful or unauthorized remote hack into any FCA vehicle,” said Ranieri. Fiat Chrysler, which already is facing penalties from NHTSA for recall delays over several years, said in documents that it agreed to the recall even though there were no problems in the field other than the Jeep attack, and it had no complaints or warranty claims. The fix came after two well-known hackers, Charlie Miller and Chris Valasek, remotely took control of the Cherokee through its UConnect entertainment system.

Fiat downplayed the vulnerability of the software hack stressing that it required “unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code.” Miller said Friday that he didn’t think Fiat Chrysler’s statement about criminal activity was directed at them because they hacked into a vehicle they own. “I don’t think they are saying anything bad against us in that statement, just reminding people that if someone were to hack their car, it’d be against the law,” he said.

Also covered are 2014 and 2015 Dodge Durango and Jeep Grand Cherokee and Cherokee SUVs, as well as the 2015 Chrysler 200 and 300, and the Dodge Charger and Challenger. Customers can go to http://www.driveuconnect.com/software-update/ and punch in their vehicle identification number to find out if they’re included in the recall. He owns the same model Jeep that was hacked, and says he’ll get the software fix done quickly. (TM and © Copyright 2015 CBS Radio Inc. and its relevant subsidiaries.

Here you can write a commentary on the recording "Fiat Chrysler to recall 1.4 million vehicles in US to prevent hacking".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site