Skip to main content

Jeep, Dodge, Chrysler maker recalls 1.4 million vehicles amid car hacking fears

Jeep parent company FCA has issued a recall of 1.4 million cars — including such popular vehicles as the Jeep Cherokee, Dodge Charger, and Chrysler 200 — following revelations that hackers can take over a multitude of car functions, including disabling the brakes and engine.

In an article posted on Wired, software engineers Charlie Miller and Chris Valasek demonstrated the ability to remotely access a Cherokee and take over a variety of features, including those key parts of  driving via a vulnerability in the Uconnect infotainment system. This provides many internet-based services by way of a cellular connection. FCA initially released a statement playing down concerns and distributing a software update to plug the proverbial hole; On Friday the company expanded that action to a voluntary safety recall.

Recommended Videos

“FCA U.S. has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015,” says FCA’s recall announcement. This action coincides with the voluntary recall in which the initially released software patch will be installed.

Please enable Javascript to view this content

Ron Montoya, senior consumer advice editor at Edmunds.com reached out to Digital Trends on Wednesday when the patch was initially released to explain why drivers need not panic.

“Car owners might read about this hack and become understandably concerned, but they need to know that this is not an issue that should keep them up at night,” Montoya adds. “This week’s hack was an isolated incident that was performed on one specific vehicle and it was not something that could be replicated on a mass scale. Nevertheless, automakers recognize this as a very important issue and they’re proactively working to identify flaws in their own connected systems and address whatever issues they may find.”

jeep-interior
Image used with permission by copyright holder

Montoya also expanded on FCA’s statement that the cyber security breach “required unique and extensive technical knowledge, prolonged physical access to a subject vehicle, and extended periods of time to write code.”

“It’s important to note that these weren’t any old hackers, this was a team that had a grant from DARPA assigned to find vulnerabilities in vehicles,” he said. Miller –a former NSA hacker — and Valasek — director of vehicle security research at the consultancy IOActive — had to start physically tearing though at least 24 cars of various brands before determining that the Jeep Cherokee was the easiest nut to crack. The message here is that considerable time, money, and resources were required to pull off this wireless feat.

In other words, the likelihood of Johnny Anyhacker wantonly overriding vehicles is unlikely. But should we rest easy? Ron suggests that while we can sleep soundly, it’s automakers that should be taking note and stepping up their game. “[Cybersecurity] is something they already keep in mind, but this is something that makes automakers more aware,” he says.

Miller and Valasek will release part of their hacking software for peer review, and FCA isn’t too crazy about that.

“Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” reads a statement from the automaker. The brand further assuages fears stating that “After becoming aware of the vulnerabilities… FCA U.S. and several suppliers worked to fix the vulnerabilities in model year 2015 vehicles. FCA also created a software update that eliminates the vulnerabilities uncovered by Miller and Valasek in their laboratory tests.”

This is something the automaker also wants to make clear: “To FCA’s knowledge, there has not been a single real world incident of an unlawful or unauthorized remote hack into any FCA vehicle” (emphasis theirs).

FCA has also expanded the list of cars subject to the vulnerability. They now include:

  • 2013-15 Dodge Viper specialty vehicles
  • 2013-15 Ram 1500, 2500 and 3500 pickups
  • 2013-15 Ram 3500, 4500, 5500 Chassis Cabs
  • 2014-15 Jeep Grand Cherokee and Cherokee SUVs
  • 2014-15 Dodge Durango SUVs
  • 2015 Chrysler 200, Chrysler 300 and Dodge Charger sedans
  • 2015 Dodge Challenger sports coupes

“It’s important to reiterate that there is no real safety threat to FCA owners,” Montoya concludes. “Earlier this week we installed that patch to our own 2014 Ram 1500,” demonstrating the ease of which the patch can be updated. Owners of any FCA vehicles are still encouraged to go to this link and run their car’s VIN number to check if it falls under the recall.

Alexander Kalogianni
Former Digital Trends Contributor
Alex K is an automotive writer based in New York. When not at his keyboard or behind the wheel of a car, Alex spends a lot of…
Teslas likely won’t get California’s new EV tax rebate
teslas likely wont get californias new ev tax rebate ap newsom 092320 01 1

California seems eager to reassert itself, not only as one of the largest economies in the world, but one where EVs will continue to thrive.

Governor Gavin Newsom has announced California will seek to revive state-tax rebates for electric vehicles should the incoming Trump administration carry out its plans to end the existing $7,500 federal incentive on EVs.

Read more
Watch Figure’s latest humanoid robot performing tasks autonomously
The Figure 02 humanoid robot.

Figure Status Update - BMW Use Case

Robotics startup Figure recently shared a new video showing several of its humanoid robots performing a task that could be applied to the automotive industry.

Read more
Kia PHEVs’ electric range will double to 60 miles
kia phevs electric range will double to 60 miles cq5dam thumbnail 1024 680

Besides making headlines about the wisdom, or lack thereof, of ending federal rebates on EVs in the U.S., Kia is setting its sights on doubling the range its plug-in hybrid vehicles (PHEVs) can run on while in electric mode.

With affordability and finding chargers remaining among the main hurdles to full EV adoption, drivers this year have increasingly turned to PHEVs, which can function in regular hybrid gas/electric mode, or in full electric mode. The issue for the latter, however, is that range has so far remained limited.

Read more