Last week, Wired ran a story detailing the latest exploits of established hackers and security experts Chris Valasek & Charlie Miller. And in this case we mean exploits – as in security exploits – quite literally. While in the past Miller and Valasek had showed exploits that could affect or control certain vehicle systems, these exploits were generally limited in the sense that they required a physical connection to the vehicle or that they only provided limited control of certain systems.
However, last week’s revelations show that the potential threat presented by insecure “smart” vehicles is no longer merely a theoretical possibility. Rather, the risk of loss of vehicle control due to the actions of a hacker thousands of miles away is now a real and actual danger. Miller and Vaselek showed that hackers can use the internet to seize control of many recent FCA vehicles leaving the driver helpless and unable to control the car or truck.
What Can the Vehicle Hack Do?
In a recent Wired article, reporter Andy Greenberg recounts driving his Jeep Cherokee on the highway along the outskirts of St. Louis when suddenly the car began to pump the AC through the vents at maximum intensity. Then, the radio turned itself on and began to blare hip-hop at maximum volume. And then, the windshield wipers and windshield fluid dispensers activated without apparent rhyme or reason. However, there was a hidden cause for the Jeeps strange behaviors: the exploits of security experts Miller and Valasek.
However, as Greenberg would soon discover, these actions merely offered a sample of the power and control the remote hackers had over the vehicle. Soon, the hackers showed the true extent of their abilities. Greenberg writes:
Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.
At that point, the interstate began to slope upward, so the Jeep lost more momentum and barely crept forward. Cars lined up behind my bumper before passing me, honking. I could see an 18-wheeler approaching in my rearview mirror. I hoped its driver saw me, too, and could tell I was paralyzed on the highway.
The author’s harrowing experience was tempered by the fact that he knew that his vehicle would be hacked, he knew that the hackers didn’t intend to harm him, and that he was able to correspond with the hackers. Because of these factors, the author was able to maintain his composure and get to safety. However, a driver who does not expect a hack is unlikely to be able to handle the situation in a collected manner. The full extent of abilities gained through the remote vehicle hack includes:
- The ability to cut the engine while the vehicle is at lower speeds.
- Engage the brakes.
- Disable the brakes.
- Hijack the steering while the vehicle is in reverse.
- Track the Jeep’s location through GPS.
- Track the vehicle’s speed.
At one point, the hackers disabled the vehicle’s brakes sending the SUV into a ditch alongside the highway. These abilities represent only the current extent of the hack. Miller and Vaselek state that they are currently working on expanding the steering hack to cover all operational conditions.
How Can Chrysler Owners Protect Themselves Against the Hack?
On Friday afternoon officials from Fiat Chrysler revealed that customers who owned or leased affected vehicles would be provided with a USB drive containing the software patch intended to close the security gap. The security problem affects FCA vehicles with Uconnect entertainment systems installed starting in 2013 and continuing on to the present day. Affected vehicles include:
- Chrysler 200 (2015)
- Chrysler 300 (2015)
- Dodge Charger (2015)
- Dodge Challenger (2015)
- Dodge Viper (2013, 2014, 2015)
- Dodge Ram 1500 (2013, 2014, 2015)
- Dodge Ram 2500 (2013, 2014, 2015)
- Dodge Ram 3500 (2013, 2014, 2015)
- Dodge Ram 1500 chassis cab (2013, 2014, 2015)
- Dodge Ram 2500 chassis cab (2013, 2014, 2015)
- Dodge Ram 3500 chassis cab (2013, 2014, 2015)
- Jeep Cherokee (2014, 2015)
- Jeep grand Cherokee (2014, 2015)
- Dodge Durango (2014, 2015)
While FCA emphasizes that no injuries have come from these hacks, to date, the realization that there is another new highway safety risk. Automakers must account for and address problems of this type as they would with other mechanical or design problems or defects.
Injured by a Defective Vehicle?
Problems with cars, trucks, and other vehicles have contributed to serious accidents producing serious bodily injury or death for as long as vehicles have existed. If you have been seriously injured due to a defective car, truck, or van call Fayetteville AR personal injury lawyer Ken Kieklak. To schedule a free, private consultation call us at (479) 316-0438 or contact us online.