Hackers were able to control vehicle acceleration, disable the brakes, and even steer a hacked vehicle from the privacy of their own home. This is not the first example of vehicle hacking – researchers have proven that many modern vehicles from various manufacturers can be exploited and controlled from a computer. However, this is the first example of a vehicle being exploited from a distant, remote location.
Fiat Chrysler Automobiles’ (FCA) initial response was the release of a technical service bulletin (TSB) announced July 16th, 2015. The TSB introduced a software update designed to offer customers “improved vehicle electronic security and communications system enhancements”.
It didn’t take long for the severity of the situation to escalate, as FCA later announced on July 24th, 2015 that they would conduct a voluntary safety recall regarding the manner. The recall allows customers to obtain a software update by either visiting a FCA dealership or requesting a USB device loaded with the updates. The updated software is said to patch the vulnerability of the Uconnect system and provide additional security features.
In total, FCA approximates that 1.4 million vehicles equipped with the Uconnect system are affected. This includes Ram pickups for the 2013 - 2015 model years (Ram 1500/2500/3500/4500/5500) and Jeep Cherokee/Grand Cherokee SUV’s from 2014 and 2015 model years. Owners of affected vehicles are urged to contact their local FCA dealership with any concerns.
The independent researchers who hacked the Uconnect system appear to have done so without malicious intent, although they have expressed plans to publicly reveal the technical details of the exploit.
Source: Fiat Chrysler Automobiles