If you own a newer Jeep Grand Cherokee or Dodge Durango, you will want to check this out: Fiat Chrysler Automobiles is recalling 1.4 million cars due to a security flaw that leaves the vehicles vulnerable to complete takeovers from hackers.
Yes, over a million popular cars can be commandeered by hackers from thousands of miles away.
This is a response to a Wired investigation demonstrated how hackers can exploit a security hole in the UConnect software installed in many of the company’s popular new models. The software has a flaw can be used to take control over the vehicles, cutting transmission and endangering/scaring the bejeezus out of the people in the car.
People who own those millions of cars won’t all get shiny, new, unhackable versions of their rides. They’ll just get a USB stick. FCA’s recall will give people a software update on a USB that fixes the security hole discovered by researchers.
FCA published a full list of the car models that are vulnerable to total takeovers from hackers:
Affected are certain vehicles equipped with 8.4-inch touchscreens among the following populations:
- 2013-2015 MY Dodge Viper specialty vehicles
- 2013-2015 Ram 1500, 2500 and 3500 pickups
- 2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
- 2014-2015 Jeep Grand Cherokee and Cherokee SUVs
- 2014-2015 Dodge Durango SUVs
- 2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
- 2015 Dodge Challenger sports coupes
If you’re not sure if your vehicle is affected, FCA has a website where you can input your Vehicle Identification Number to see.
Giving people a USB stick as protection against getting their cars zombified sounds like a wimpy response from FCA, but this doesn’t mean you need to panic. It’s scary that cars with internet-connected software are now vulnerable to cyberattacks, but this exploit hasn’t been used “in the wild.” The researchers who found it were experts who had easy access to the car’s IP address. It’s not like run-of-the-mill car car jackers will know how to manipulate this flaw. This does mean that it’s time for car makers to double down on prepping their car software against thieves and trolls who want to exploit it.
In the meantime, who wants to take the friggin train?
Image via Getty