SECURITY and motoring experts have warned drivers of the Jeep Cherokee to install a software update after hackers used a flaw in a car’s infotainment system to force it off the road.
Wired has published a story by Andy Greenberg which details how white-hat hackers were able to demonstrate and expose a flaw in a car’s infotainment system to take control of the vehicle while it was driving on the highway at 100km/h.
The Wired journalist worked with security experts Charlie Miller and Chris Valasekwho installed malicious code into the car’s computer system after finding a backdoor in the Uconnect infotainment system.
At first the hackers just turned up the stereo to blast Greenberg with sound. Then they blasted him with cold air through the airconditioner.
Then they took over the car’s transmission and brakes.
Miller and Valasek alerted Chrysler, the makers of Jeep, to the flaw and a security update was issued in America last week although the driver has to install the patch with a USB drive.
Fiat Chrysler Automobiles has issues a statement, saying that the security flaw does not impact Jeep vehicles sold in Australia.
“FCA USA was made aware of a potential issue within the UConnect’s external cellular connection. On July 16, owners of vehicles with this UConnect feature were notified of an update that has now resolved this wireless connection issue,” the satement says.
“The software security update, provided at no cost to customers, also includes Uconnect improvements introduced in the 2015 model year designed to enhance customer convenience and enjoyment of their vehicle.
“Please note, no vehicles in Australia or any other international market outside of the USA were affected by this issue, as it is an American-only system not present in Australian vehicles.”
The New York Times reports that Miller and Valasek plan to used next months’ annual Black Hat and Def Con conferences to announce how, after two years, they have found ways of controlling hundreds of thousands of vehicles remotely, demonstrating how they had been able to control a car’s lights, navigation system and, in some cases, brakes and steering.
Security experts are citing the demonstration of car hacking as one of the first vulnerabilities in the Interent of Things, in which billions of machines, household appliances, vehicles and devices will all be connected to the Internet in the next few years.
The security scare comes a day after the announcement that Volvo has been given the go ahead to demonstrate driverless cars on Australian roads.