A new question has been raised about the safety of Internet connected cars after the hackers remotely turned off the transmission of a moving Jeep Cherokee. The hackers were basically cybersecurity researchers, including the former NSA hacker Charlie Miller, now at Twitter, and IOActive researcher Chris Valasek.
A senior writer for Wired explained how hackers remotely turned off the transmission of a moving Jeep Cherokee:
Andy Greenberg, a senior writer for Wired knowingly took part in a demonstration by Chris Valasek and Charlie Miller. Andy was driving a Jeep Cherokee on the highway in St. Louis when the hackers took control over his SUV using a cellular connection. Firstly, they tweaked with SUV’s radio, AC, windshield wipers and then hackers remotely turned off the transmission of a moving Jeep Cherokee.
Valasek and Miller told that they took over the Jeep after finding vulnerabilities in the computer system Chrysler uses called Uconnect. Uconnect can control the car’s navigation and entertainment system, offer a Wi-Fi hotspot and can even enable phone calls.
Yesterday, Fiat Chrysler Automobiles NV, the owner of the Cherokee Jeep brand damned the two researchers for revealing their ability to hack into the jeep’s software and manipulate its radio, AC, controls and the transmission.
Since October, Valasek and Miller had been working with Chrysler and had given them sufficient time to make a patch to disable a feature that had been turned on unknowingly. They are now planning to unleash a paper at the Def Con security conference next month that includes the code for remote access. But it won’t work on cars now as the company has patched the vulnerability.
Hackers remotely turned off the transmission of a moving Jeep Cherokee and now Chrysler issued a notice on its website that a free patch for the vulnerability can now be downloaded or the vehicle owners can patch the vulnerability through dealers. “Similar to a smartphone or tablet, vehicle software can require updates for improved security protection to reduce the potential risk of unauthorized and unlawful access to vehicle systems,” said the company.