Skip to main content
  1. Home
  2. Cars
  3. News

Jeep, Dodge, Chrysler maker recalls 1.4 million vehicles amid car hacking fears

Alexander Kalogianni
By

Jeep parent company FCA has issued a recall of 1.4 million cars — including such popular vehicles as the Jeep Cherokee, Dodge Charger, and Chrysler 200 — following revelations that hackers can take over a multitude of car functions, including disabling the brakes and engine.

In an article posted on Wired, software engineers Charlie Miller and Chris Valasek demonstrated the ability to remotely access a Cherokee and take over a variety of features, including those key parts of  driving via a vulnerability in the Uconnect infotainment system. This provides many internet-based services by way of a cellular connection. FCA initially released a statement playing down concerns and distributing a software update to plug the proverbial hole; On Friday the company expanded that action to a voluntary safety recall.

Recommended Videos

“FCA U.S. has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015,” says FCA’s recall announcement. This action coincides with the voluntary recall in which the initially released software patch will be installed.

Related

Ron Montoya, senior consumer advice editor at Edmunds.com reached out to Digital Trends on Wednesday when the patch was initially released to explain why drivers need not panic.

“Car owners might read about this hack and become understandably concerned, but they need to know that this is not an issue that should keep them up at night,” Montoya adds. “This week’s hack was an isolated incident that was performed on one specific vehicle and it was not something that could be replicated on a mass scale. Nevertheless, automakers recognize this as a very important issue and they’re proactively working to identify flaws in their own connected systems and address whatever issues they may find.”

jeep-interior
Image used with permission by copyright holder

Montoya also expanded on FCA’s statement that the cyber security breach “required unique and extensive technical knowledge, prolonged physical access to a subject vehicle, and extended periods of time to write code.”

“It’s important to note that these weren’t any old hackers, this was a team that had a grant from DARPA assigned to find vulnerabilities in vehicles,” he said. Miller –a former NSA hacker — and Valasek — director of vehicle security research at the consultancy IOActive — had to start physically tearing though at least 24 cars of various brands before determining that the Jeep Cherokee was the easiest nut to crack. The message here is that considerable time, money, and resources were required to pull off this wireless feat.

In other words, the likelihood of Johnny Anyhacker wantonly overriding vehicles is unlikely. But should we rest easy? Ron suggests that while we can sleep soundly, it’s automakers that should be taking note and stepping up their game. “[Cybersecurity] is something they already keep in mind, but this is something that makes automakers more aware,” he says.

Miller and Valasek will release part of their hacking software for peer review, and FCA isn’t too crazy about that.

“Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” reads a statement from the automaker. The brand further assuages fears stating that “After becoming aware of the vulnerabilities… FCA U.S. and several suppliers worked to fix the vulnerabilities in model year 2015 vehicles. FCA also created a software update that eliminates the vulnerabilities uncovered by Miller and Valasek in their laboratory tests.”

This is something the automaker also wants to make clear: “To FCA’s knowledge, there has not been a single real world incident of an unlawful or unauthorized remote hack into any FCA vehicle” (emphasis theirs).

FCA has also expanded the list of cars subject to the vulnerability. They now include:

  • 2013-15 Dodge Viper specialty vehicles
  • 2013-15 Ram 1500, 2500 and 3500 pickups
  • 2013-15 Ram 3500, 4500, 5500 Chassis Cabs
  • 2014-15 Jeep Grand Cherokee and Cherokee SUVs
  • 2014-15 Dodge Durango SUVs
  • 2015 Chrysler 200, Chrysler 300 and Dodge Charger sedans
  • 2015 Dodge Challenger sports coupes

“It’s important to reiterate that there is no real safety threat to FCA owners,” Montoya concludes. “Earlier this week we installed that patch to our own 2014 Ram 1500,” demonstrating the ease of which the patch can be updated. Owners of any FCA vehicles are still encouraged to go to this link and run their car’s VIN number to check if it falls under the recall.

Editors' Recommendations

Topics
Alexander Kalogianni
Alexander Kalogianni
Former Digital Trends Contributor
Alex K is an automotive writer based in New York. When not at his keyboard or behind the wheel of a car, Alex spends a lot of…
Mercedes-Benz EQG: range, price, release date, and more
Concept image of the larger electric G-Wagon

The G-Class is going electric. We already knew that Mercedes-Benz was working on an electric, small-size G-Wagon, but it looks like the company is also working on a larger G-Class SUV, in the form of the EQG. In fact, Mercedes has gone as far as to show off a concept version of the off-roader.

While there's much we don't know about what will become the production model of the EQG, Mercedes has also shared a lot about it. Curious about whether the Mercedes-Benz EQG could be the EV for you? Here's everything we know so far.
Design
Fear not -- the EQG will retain many of the design aspects of the G-Class that you already know and love but with a modern face-lift. The EQG will keep the boxy design that gives the G-Class a classic look but with some additional modern styling, at least if the concept version is anything to go by.

Read more
Rivian R2 vs. Kia EV9: battle of affordable electric SUVs
Kia EV9 GT-Line Three Quarters

The long-awaited Rivian R2 has finally been announced, and it's an excellent option for those who want an electric SUV that doesn't completely break the bank. Sure, the R2 isn't cheap -- but it's a whole lot cheaper than most other EVs out there, especially when it comes to SUVs. But Rivian isn't the only company trying to tackle the problem of the budget electric SUV. The Kia EV9 is finally available, and it too offers a modern design and a range of helpful features.

Given the fact that the Rivian R2 and Kia EV9 are two electric SUVs in a similar price range, you might be wondering which is better for your needs. That's why we put the Rivian R2 and the Kia EV9 head-to-head.
Design
Both the Rivian R2 and the Kia EV9 are actual SUVs -- not crossovers pretending to be SUVs, like plenty of other EVs out there. The two vehicles offer big, boxy designs and plenty of interior space, making them excellent options for families or those who need that extra storage.

Read more
Rivian R2 vs R1S: How will Rivian’s cheaper SUV compare?
The front three-quarter view of a 2022 Rivian against a rocky backdrop.

Rivian has finally unveiled the R2, its long-awaited attempt at a more affordable electric SUV. The new vehicle may not be available just yet, but fans of Rivian's design aesthetics and feature set are already looking forward to being able to order the new car. The R2 is targeted at being a more affordable take on the electric SUV and will sit alongside the flagship-tier R1S.

Let's get this out of the way right now: The R1S is most likely going to be a better vehicle than the R2. Rivian isn't replacing the R1S with the R2 — it's releasing the R2 as a more affordable alternative, and there will be some compromises when buying the R2 over the R1S.

Read more