Jeep Cherokee, Uconnect Vulnerable to Wireless Hacking
Technology aims to make our lives easier, but sometimes it can make it a lot scarier, too.
In a recent report from Wired, two hackers demonstrated the capability to remotely hack into a Jeep Cherokee and take full control of the vehicle wirelessly. This was done through the SUV’s Uconnect infotainment system, which has a vulnerability that the two hackers won’t identify until a later date. They are urging owners to update their Uconnect software and although they’ve only tested their hacks on a Jeep Cherokee, they believe most of their attacks could be tweaked to affect any Uconnect-equipped vehicle.
Charlie Miller and Chris Valasek began the demonstration by taking control of the Cherokee’s air conditioning, radio and windshield wipers, all from the comforts of their living room while the Jeep was traveling on a highway. To show the range of possibilities, they were able to cut off the accelerator and the driver was unable to regain control of the vehicle without shutting it off, causing the car to drive into a ditch.
SEE ALSO: Automakers Fail to Protect Cars Against Hackers: Report
Now, there’s no need to rush out and panic that hackers are remotely going to start shutting off cars and crashing them into ditches. Unfortunately, there is clearly a vulnerability with today’s infotainment systems, or at the very least, Uconnect. Miller and Valasek haven’t attempted to hack any other systems. In addition, both hackers have been sharing their research with Chrysler for nearly nine months and the company will quietly release a patch ahead of the Black Hat conference.
In a statement, Jeep parent company FCA said: “Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorised and unlawful access to vehicle systems. We appreciate the contributions of cybersecurity advocates to augment the industry’s understanding of potential vulnerabilities. However, we caution advocates that in the pursuit of improved public safety they not, in fact, compromise public safety.”
The bigger issue is that, generally, vehicle owners won’t be aware of a fix, or won’t have the knowledge to manually update their infotainment systems on their own. Regardless, if you own a vehicle with a Uconnect system, you will want to download the update here as soon as you can. If you’re unaware of how to do the update yourself, visit your local dealership as soon as possible.
[Source: Wired]
Discuss this story at our Jeep Cherokee Forum
Jason Siu began his career in automotive journalism in 2003 with Modified Magazine, a property previously held by VerticalScope. As the West Coast Editor, he played a pivotal role while also extending his expertise to Modified Luxury & Exotics and Modified Mustangs. Beyond his editorial work, Jason authored two notable Cartech books. His tenure at AutoGuide.com saw him immersed in the daily news cycle, yet his passion for hands-on evaluation led him to focus on testing and product reviews, offering well-rounded recommendations to AutoGuide readers. Currently, as the Content Director for VerticalScope, Jason spearheads the content strategy for an array of online publications, a role that has him at the helm of ensuring quality and consistency across the board.
More by Jason Siu
Comments
Join the conversation
this is not a good year for FCA