Earlier this month, as part of an experiment, a writer for Wired agreed to be the willing subject of a car-hacking attempt.
While driving a Jeep Cherokee, two hackers—Charlie Miller and Chris Valasek—remotely did everything from blasting cold air through the vehicle's vents, blaring hip-hop through the speakers, spraying windshield wiper fluid and even appearing on the dashboard display system, before disabling the SUV, leaving it stranded on the side of the highway. Although it was controlled, the experiment showed how scary it can be for a vehicle to be hacked into while driving.
What the hackers proved is their technique—which the security industry has dubbed a "zero-day exploit"—can leave Jeep Cherokees and other vehicles vulnerable to attack. Hackers are able to gain access to Cherokees' steering, brakes and dashboard features through the vehicle's Uconnect, the Internet-connected computer component in many Fiat Chrysler vehicles. Miller and Valasek noticed an incredibly vulnerable element of Uconnect, which lets hackers tap into a car's IP address and access it remotely from anywhere in the country.
Wired is reporting that senators Ed Markey and Richard Blumenthal will introduce an automotive security bill Tuesday (July 21) to bolster digital secruity standards for vehicles. In addition, Chrysler's new software update for Uconnect includes a patch designed to prevent hackers' attempts to compromise its vehicles through the Internet connection.
In fact, Wired is reporting that Miller and Valasek have been working with Chrysler for the past nine months on the patch. Late-model Chrysler owners with the Uconnect feature can manually update the software by downloading the update, putting it on a USB drive and plugging it into the vehicle's dashboard port or they can simply bring it to their nearest Chrysler dealership.
Chrysler vehicles with Uconnect from late 2013 through early 2015 should have their software updated. In addition, Chrysler informed Wired that 2013-2014 Dodge Rams, 2013-2014 Dodge Vipers, and 2014 Jeep Cherokees, Jeep Grand Cherokees, and Dodge Durangos as all vulnerable to the Uconnect attack as well. So are the 2015 Jeep Cherokees, Jeep Grand Cherokees, and Chrysler 200s. All owners of those vehicles should have the software updated.