Hackers drive Jeep into ditch exposing potentially fatal security flaw

Hackers have managed to take control of a Jeep car and drive it into a ditch, leaving the driver powerless to prevent it. Owners of Fiat Chrysler Automobiles (FCA) vehicles are being urged to update their on-board software after white-hat hackers exploited a security hole. The flaw in FCA’s on-board internet-enabled software allows hackers to affect everything from windscreen wipers and GPS, to steering and braking. The system - called Uconnect - has been installed in hundreds of thousands of car models manufactured since late 2013, and is designed to allow the doors to be unlocked and the car to be started with the tap of an app. But two security researchers have shown how easy it is to take control of the car using only a laptop and mobile phone.

Drivers shouldn’t have to choose between being connected and being protected.

Senator Edward Markey

They demonstrated it for a Wired magazine article, forcing a car driven by reporter Andy Greenberg off the road. The video shows the steering wheel turning without being touched, as well as the car doors locking. The car then trundles off the road and into a grassy ditch. They say it is important that owners update their vehicles. However, the process is not automatic; it requires owners to download a programme to a flash drive from the FCA’s website. FCA brands include Alfa Romeo, Chrysler, Dodge, Fiat and Jeep. Only those vehicles with the Uconnect  system need to be updated.

Right now, I could do that to every [Chrysler] car in the United States on the Sprint network.

Wired ‘hacker’ Charlie Miller