After the discovery of a major software vulnerability in Chrysler’s Uconnect dashboard computers, the company was forced to issue a formal recall for 1.4 million vehicles. The flaw, first uncovered in July of 2015, allows hackers to remotely control cars, via an internet connection, and expose drivers to extreme danger. The vulnerability affected all Chrysler brands equipped with Uconnect 8.4-inch touch displays, including Dodge, Jeep, and Ram models. CNN reports that the vulnerability allows hackers to “cut the brakes, shut down the engine, drive [the comprised vehicle] off the road, or make all the electronics go haywire.” After the news broke mid-July, Chrysler announced a critical software update and recommended all customers install it as soon as possible. Chrysler then fixed the loophole within its own network.
There hasn’t been any reported accidents related to this vulnerability, but this discovery created fallout for the Chrysler brand. For one, the controversy caused Congress to take note. Members of the Senate have introduced a bill to set minimum cyber security standards for automobiles. This bill will most likely pose a requirement that cars must be designed with certain security factors, like isolating physical components from those connected to the Internet to prevent hackers from taking control of your vehicle.
Another consequence for Chrysler is a potentially massive lawsuit. Three Jeep Cherokee owners have filed a compliant against Fiat Chrysler Automobiles and Harman International, the creator of the Uconnect dashboard computer. The plaintiffs are hoping to recruit Chrysler owners for a class-action lawsuit against the car company. Chrysler stands accused of fraud, negligence, unjust enrichment, and breach of warranty. As more revelations of connected cars’ vulnerabilities appear, the automobile industry joins the long line of businesses recently nailed by the shortcomings of cyber security.