Only Fiat Chrysler cars were vulnerable to hackers, says NHTSA
The federal agency says last summer's recall of 1.4 million Jeep, Chrysler, Dodge and Ram vehicles closed the gap that allowed hackers to remotely take over a Jeep Cherokee.
The federal agency says last summer's recall of 1.4 million Jeep, Chrysler, Dodge and Ram vehicles closed the gap that allowed hackers to remotely take over a Jeep Cherokee.
Federal safety regulators have determined that only Fiat Chrysler radios have a security flaw that allowed friendly hackers to take control of a Jeep last year.
The National Highway Traffic Safety Administration said in documents posted online Saturday that it's ending a five-month investigation into the vulnerabilities of automotive radios.
The agency also said last summer's recall of 1.4 million Jeep, Chrysler, Dodge and Ram vehicles closed the opening that allowed hackers to remotely take over a Jeep Cherokee.
The hack by security experts Charlie Miller and Chris Valasek touched off the NHTSA investigation in July and raised fears that millions of cars and trucks could be vulnerable. They were able to change the Cherokee's speed and control the brakes, radio, windshield wipers and transmission through the Uconnect infotainment system.
The hackers informed Fiat Chrysler of their findings and detailed them at a cyber conference, triggering the investigation.
But the fear of widespread vulnerability to hackers appears to be unfounded. NHTSA investigators said in documents that similar radios made by Harman International went to Volkswagen, Audi and Bentley, but that those vehicles have safety systems that would stop hackers.
"Based on a thorough review of technical information supplied during the course of this investigation, there does not appear to be a reason to suspect that the infotainment head units Harman supplied to other vehicle manufacturers contain the vulnerabilities identified by FCA," NHTSA said in the documents.
In addition, the agency said Sprint, Fiat Chrysler's wireless provider, blocked access to a radio communications port that was unintentionally left open. The FCA recall also included software changes that thwarted hackers, the agency said.
"Third party security evaluation and regression testing identified vulnerabilities that were either remedied by Sprint or through updates to the FCA Uconnect software," the agency said.
NHTSA also checked 30 consumer complaints to the company and the agency but could not confirm that hackers caused any of the reported problems.
In February 2015, Sen. Edward Markey (D) of Massachusetts said that as automakers load up cars with electronics and聽wireless technology, they have failed to adequately protect those features against the possibility that hackers could take control of vehicles or steal personal data. He sent a series of questions about the technology to manufacturers, reported The Associated Press.