Hackers Have the Power to Remotely Hijack Half a Million Chrysler Cars
An ongoing investigation into the security of Chrysler vehicles bears some pretty startling conclusions. In a couple of weeks, security researchers will reveal the details of a zero-day exploit that affects about 470,000 cars. Hackers can take complete control of the cars from thousands of miles away.
Longtime car hackers Charlie Miller and Chris Valasek recently demonstrated the possibilities of the Chrysler exploit. They’ve taken a Jeep Cherokee onto the highway outside St. Louis, while the hackers took over control of the car. Using the Jeep’s Uconnect system, which plugs into a cellular network, the security researchers were able to gain control of the car’s entertainment system and then rewrite the firmware to send commands to critical systems like the brakes, steering, and transmission.
Chrysler knows about the vulnerability and doesn’t seem to be taking it too seriously. The company recently released a patch to the Uconnect software that addresses the issue, but it needs to be installed via USB drive or by a dealer.
Meanwhile, Chrysler seemed to have scolded the researchers for sharing information about the exploit publicly. Under no circumstances does Fiat Chrysler Automotive condone or believe it’s appropriate to disclose how-to information’s that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems, the company said in a statement.
Although this is not the first time that security researchers have discovered and shared details of a car hack, it’s starting to get pretty real. When there are almost half a million cars that could be commandeered or bricked with just a few key strokes, it’s time for auto companies to take notice, and embrace the community of researchers and politicians trying to make sure our cars are safe.