These days the owners of vehicles produced by Fiat Chrysler Automobiles are urged to update their cars’ onboard software. Security experts found a loophole in FCA’s internet-enabled software name“Uconnect”, which can be used by hackers in order to connect to the cars’ software system and take control over the brakes and the engine.
This cyber-attack is a more serious one than the ones that preceded it, because in the past – only the entertainment system used to get hacked. The Uconnect hack can paralyze the GPS, brakes, windscreen, engine control and steering systems, which is a risk that drivers and passengers cannot take.
For owners of vehicles that are equipped with the Uconnect system, it’s recommended to consult with a qualified car locksmith service, prior to making the update. Although it’s not an extremely complicated process, it’s better to make sure that everything is done right, by an experienced specialist.
The Uconnect system allows hundreds of thousands of car owners to remotely unlock the doors, start the car and flash the headlights using an app. The system was installed in all cars made by the FCA group since late 2013.
Demonstrating the Security Hack
Two security researchers who demonstrated attacks on a Ford Escape and a Toyota Prius, Chris Valasek and Charlie Miller, demonstrated the Uconnect system hack. They took control of a Jeep Cherokee, driven by the reporter Andy Greenberg, using a mobile phone on the Sprint network and a laptop.They demonstrated their ability to control the jeep, leaving the driver completely unable to change anything.
The hack of the Uconnect system is unique and different from other hacking attempts on cars, as it allows cybercriminals to fully control the car from a distance.
Chris Valasek and Charlie Miller notified the car manufacturer ten months ago, giving Fiat Chrysler time to publish a security update to address the problem, which was done on the 16th of July.
This update, however, requires users to manually update their automobiles, by downloading the software and installing it through the car’s USB socket. The company is unable to update the carsautomatically, but FCA dealers can help car owners do this.
Miller tweeted that although the update might not sound predominantly important, it’s better to go the extra mile and install the update.
Graham Cluley, an independent expert, added that although the researchers proved that it worked on Jeeps, the attacks could affect any Chrysler vehicle with an Uconnect head unit. He added that the security update should be installed on all cars that are equipped with a model RA4 or model RA3 radio/navigation system.
At this point, it is not clear whether all the Uconnect-equipped cars in the US can be hacked, or only certain models.
In an effort to identify and eliminate vulnerabilities in the conventional business course, the FCA tests and monitors the information systems of all its products. The software update can help customers update their communications and the electronic security system of their vehicles, by either downloading and installing the update on their own, or getting it updated for free by a dealer.