Security bugs in the car’s Uconnect system allow hackers to take over Jeeps, enabling them to apply the brakes, stop the engine and take control of the steering wheel over the internet.
Unlike some other car cyber-attacks which have taken place, where only the entertainment system is vulnerable, the Uconnect hackers can take control of the car, along with accessing features such as the GPS and Windscreen Wipers. Security experts are therefore urging owners to update their on-board software after hackers took control of a Jeep and crashed it into a ditch.
The hack was then replicated again by security researchers Charlie Miller and Chris Valasek. The pair were able to hack the Jeep using a laptop and a mobile phone, where they took control of the Jeep and demonstrated all the car’s vulnerabilities to a Wired reporter.
The researchers notified the manufacturer of their findings and the update was released on the 16th July, where owners need to visit the manufacturer’s website, download the update and insert it into the car’s USB socket.
“This update might not sound particularly important, but trust me, if you can, you really should install this one,” commended Charlie Miller.
The Uconnect system is installed in thousands of cars made by the Fiat Chrysler Automobile company (FCA) since 2013, the software was designed to enable owners to remotely start the car, flash the headlights and unlock the doors.
Independent Security expert Graham Cluley told the Guardian that “researchers believe that, although they’ve only tested it out on Jeeps, the attacks could be tweaked to work on any Chrysler car with a vulnerable Uconnect head unit. You should consider installing a security update that Jeep has issued for cars fitted with a model RA3 or model RA4 radio/navigation system.”