Fiat Chrysler recalls cars for software security glitch

Old carsFiat Chrysler is recalling 1.4 million cars in the United States to install software to prevent hackers from gaining remote control of the engine, steering and other systems.

The recall has the dubious honour of being the first of its kind. Normally recalls are for mechanical problems which are dangerous to life and limb. They usually happen after an accident or something which has drawn the snuffling nose of a safety watchdog.

The announcement was made days after reports that cybersecurity researchers used a wireless connection to turn off a Jeep Cherokee’s engine as it drove, increasing concerns about the safety of Internet-enabled cars.

The researchers used Fiat Chrysler’s telematics to break into a volunteer’s Cherokee being driven on the highway and issue commands to the engine, steering and brakes.

The National Highway Traffic Safety Administration (NHTSA) will look into whether FCA’s software upgrade was enough to protect consumers from hackers. The FCA said in its recall announcement that it was unaware of any injuries.

A spokesman for NHTSA said that it was the first recall of cars because of concerns about cybersecurity, and experts said they hoped it would send a shock through the auto industry and beyond it.

Products designed to be accessible by means including smartphones leave a large “attack surface” that is easier to penetrate. However a car is an object which is not that easy to automatically update. Also any update could break something else in the car.

Automakers have until now sought to play down the threat that hackers could gain control of a vehicle using a wireless connection.

While hackers had previously showed the ability to tamper with onboard systems using a physical connection to the car’s diagnostic system, the researchers could control the Jeep Cherokee remotely.