BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

How Is Musk Going To Pay For Tesla's Chinese Gigafactory?
How Much Safer Should Self-Driving Cars Be? Try 0%
Intel Signs On As Tech Partner For Baidu's 'Apollo' China Robot Car Alliance
Musk's Next Task After Mad Dash To Tesla Model 3 Assembly Goal: Do It Every Week
Report: How SUVs Are Creating The Killing Streets Of America
BMW Is Gearing Up To Mass-produce Batteries In-house For 2020
Edit Story
ForbesIndustryTransportation OLD

How To Protect Your Car From Being Hacked

Joann Muller
Forbes Staff
I write about industrial innovation and the global auto industry
Following
This article is more than 8 years old.

As if we didn't have enough to worry about, now we have to worry about our car getting hacked by terrorists or anarchists - or even computer nerds trying to make a point.

The idea that someone could remotely take over your car and cause it to behave erratically has been talked about for several years -- though typically dismissed by auto companies as an irrational fear.

But it all got real on Tuesday after Andy Greenberg, a former FORBES writer now at Wired.com, posted a chilling story about how two hackers sitting on their living room couch managed to remotely take control of the Jeep Cherokee he was driving on a busy freeway in St. Louis. The car's air conditioner suddenly cranked up to full blast, the radio started blasting hip-hop music and the windshield wipers kicked on. Then it got really dangerous as the hackers remotely turned off the car's engine.

It was all part of an experiment to draw attention to the cyber-security risks in today's cars which have morphed into rolling computers. The hackers, Charlie Miller and Chris Valasek, were able to exploit a weak spot in the Jeep's Uconnect system, which links the vehicle to the Internet. It turns out as many as 471,000 Chrysler, Dodge, Jeep and Ram vehicles equipped with the 8.4-inch U-Connect touchscreen system could be vulnerable. All are made by Fiat Chrysler Automobiles.

The big question: what should you do about it?

The good news -- if you own one of the affected vehicles -- is there's a fix. But unlike the remote hacking, it doesn't happen automatically. It's up to you to download the software update from FCA, or take it to your local dealer to have the update performed. Fiat-Chrysler Automobiles has a website where you can enter the Vehicle Identification Number of your car and download the update. (The VIN is listed on your vehicle registration card and your insurance card, or you can find it at the bottom of the driver’s side window.)

To test the process, Consumer Reports downloaded the software -- 690 MB -- onto a flash drive and said it took about four minutes. After inserting the drive into the USB port of their Chrysler 200 sedan, it took 17 minutes to update. It was relatively painless.

In a blog post earlier today, FCA's PR boss, Gualberto Ranieri, was emphatic: "To FCA’s knowledge, there has not been a single real world incident of an unlawful or unauthorized remote hack into any FCA vehicle."

Still, Wired proved that the possibility exists, which is why you should take time to update your car's software. (While you're at it, check to see what recalls might also affect your car and take care of them now.)

Chrysler says the vehicles listed below that have a 8.4 inch touchscreen radio system need the software update:

  • 2013-2014 Ram 1500 Pickup
  • 2013-2014 Ram 3500 Cab Chassis
  • 2013-2014 Ram 2500 Pickup
  • 2013-2014 Ram 4500/5500 Cab Chassis
  • 2013-2014 Ram 3500 Pickup
  • 2014 Grand Cherokee
  • 2014 Durango
  • 2013-2014 Viper
  • 2014 Cherokee
  • Some 2015 Chrysler 200s

This kind of thing is going to happen more often, which is why U.S. Senators Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) this week introduced a bill to toughen vehicle security and privacy standards.

Gallery: The Best Cars For Commuters 2015
11 images
View gallery

 

Joann Muller
Joann Muller