Skip to main content

Jeep, Dodge, Chrysler maker recalls 1.4 million vehicles amid car hacking fears

Jeep parent company FCA has issued a recall of 1.4 million cars — including such popular vehicles as the Jeep Cherokee, Dodge Charger, and Chrysler 200 — following revelations that hackers can take over a multitude of car functions, including disabling the brakes and engine.

In an article posted on Wired, software engineers Charlie Miller and Chris Valasek demonstrated the ability to remotely access a Cherokee and take over a variety of features, including those key parts of  driving via a vulnerability in the Uconnect infotainment system. This provides many internet-based services by way of a cellular connection. FCA initially released a statement playing down concerns and distributing a software update to plug the proverbial hole; On Friday the company expanded that action to a voluntary safety recall.

Recommended Videos

“FCA U.S. has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015,” says FCA’s recall announcement. This action coincides with the voluntary recall in which the initially released software patch will be installed.

Ron Montoya, senior consumer advice editor at Edmunds.com reached out to Digital Trends on Wednesday when the patch was initially released to explain why drivers need not panic.

“Car owners might read about this hack and become understandably concerned, but they need to know that this is not an issue that should keep them up at night,” Montoya adds. “This week’s hack was an isolated incident that was performed on one specific vehicle and it was not something that could be replicated on a mass scale. Nevertheless, automakers recognize this as a very important issue and they’re proactively working to identify flaws in their own connected systems and address whatever issues they may find.”

jeep-interior
Image used with permission by copyright holder

Montoya also expanded on FCA’s statement that the cyber security breach “required unique and extensive technical knowledge, prolonged physical access to a subject vehicle, and extended periods of time to write code.”

“It’s important to note that these weren’t any old hackers, this was a team that had a grant from DARPA assigned to find vulnerabilities in vehicles,” he said. Miller –a former NSA hacker — and Valasek — director of vehicle security research at the consultancy IOActive — had to start physically tearing though at least 24 cars of various brands before determining that the Jeep Cherokee was the easiest nut to crack. The message here is that considerable time, money, and resources were required to pull off this wireless feat.

In other words, the likelihood of Johnny Anyhacker wantonly overriding vehicles is unlikely. But should we rest easy? Ron suggests that while we can sleep soundly, it’s automakers that should be taking note and stepping up their game. “[Cybersecurity] is something they already keep in mind, but this is something that makes automakers more aware,” he says.

Miller and Valasek will release part of their hacking software for peer review, and FCA isn’t too crazy about that.

“Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” reads a statement from the automaker. The brand further assuages fears stating that “After becoming aware of the vulnerabilities… FCA U.S. and several suppliers worked to fix the vulnerabilities in model year 2015 vehicles. FCA also created a software update that eliminates the vulnerabilities uncovered by Miller and Valasek in their laboratory tests.”

This is something the automaker also wants to make clear: “To FCA’s knowledge, there has not been a single real world incident of an unlawful or unauthorized remote hack into any FCA vehicle” (emphasis theirs).

FCA has also expanded the list of cars subject to the vulnerability. They now include:

  • 2013-15 Dodge Viper specialty vehicles
  • 2013-15 Ram 1500, 2500 and 3500 pickups
  • 2013-15 Ram 3500, 4500, 5500 Chassis Cabs
  • 2014-15 Jeep Grand Cherokee and Cherokee SUVs
  • 2014-15 Dodge Durango SUVs
  • 2015 Chrysler 200, Chrysler 300 and Dodge Charger sedans
  • 2015 Dodge Challenger sports coupes

“It’s important to reiterate that there is no real safety threat to FCA owners,” Montoya concludes. “Earlier this week we installed that patch to our own 2014 Ram 1500,” demonstrating the ease of which the patch can be updated. Owners of any FCA vehicles are still encouraged to go to this link and run their car’s VIN number to check if it falls under the recall.

Alexander Kalogianni
Former Digital Trends Contributor
Alex K is an automotive writer based in New York. When not at his keyboard or behind the wheel of a car, Alex spends a lot of…
Never mind slowing sales, 57% of drivers will likely have an EV in 10 years

Sales of electric vehicles (EVs) have slowed globally over the past few years. But should EV makers cater more to the mainstream, it’s likely that 57% of drivers will have an EV in 10 years, consulting firm Accenture says.

Last year, nearly 14 million EVs were sold globally, representing a 35% year-on-year increase. But it was much slower than the 55% sales growth recorded in 2022 and the 121% growth in 2021.

Read more
I spent a week with an EV and it completely changed my mind about them
The Cupra Born VZ seen from the front.

After spending a week with an electric car as my main vehicle, opinions I’d formed about them prior to spending so much time with one have changed — and some quite dramatically.

I learned that while I now know I could easily live with one, which I wasn’t sure was the case before, I also found out that I still wouldn’t want to, but for a very different reason than I expected.
Quiet and effortless

Read more
Trade group says EV tax incentive helps U.S. industry compete versus China
ev group support tax incentive 201 seer credit eligibility

The Zero Emission Transportation Association (ZETA), a trade group with members including the likes of Tesla, Waymo, Rivian, and Uber, is coming out in support of tax incentives for both the production and sale of electric vehicles (EVs).

Domestic manufacturers of EVs and their components, such as batteries, have received tax incentives that have driven job opportunities in states like Ohio, Kentucky, Michigan, and Georgia, the group says.

Read more