The Uconnect Hack And Why Companies Need To Put A Premium on Safety


July 27, 2015 | DevOps | joanna mastrocola


There are few places we feel safer than in our cars. And why wouldn’t we, we take care of our cars, we get our tires checked, we get our oil changed, and we pay a premium for fuel. We do all of these things so that when we are in the driver’s seat we feel safe and know that as we grasp the steering wheel we are in complete control… or so we think.

carChrysler was in the news last week as hackers were able to gain control of a Jeep Cherokee’s transmission. Due to a system vulnerability, hackers Charlie Miller and Chris Valasek were able to hack into Uconnect, Chrysler’s wifi system, and stop the vehicle as it merged onto the highway, the car at a dead stop as an 18-wheeler approached.

One of the most interesting commentaries that came out of this discussion was that instead of blaming the quick advances in technology, instead of wishing for the “good old days” when everything wasn’t digital, we should put more pressure on companies to put our security first; we pay a premium for their services, they should put a premium on our safety.

Take a look at these articles for the full story and some new perspective.

Andy Greenberg, the author of this piece and the driver of the Jeep, describes his time in the driver’s seat as the car was being hacked. Andy willingly participated in the event however he was never told when and where the vehicle takeover would occur.

CTV News points out that although the security concern was only recently publicized, Chrysler was alerted to this issue nine months ago. It took a while for them to come up with a fix and even the current solution isn’t ideal– car owners must download the patch on a USB and physically install it. What is even more alarming is that only 56% of drivers have their cars fixed when there is a recall, meaning many remain vulnerable.

This LA Times editorial warned automakers that they should take the Chrysler breach as a warning. The author points out that Chrysler failed to keep the most important parts, those controlling the brakes, steering, etc. separate from the parts that communicate with the outside world. Automakers are racing to create new, high-tech vehicles, ones that showcase entertainment and connectivity, yet the creators are failing to protect the vehicles from hackers working to get into the system.

This piece on was written in response to the hack.  A team in the UK, called NCC Group, found a similar flaw. They figured out how to hack into an entertainment system and then have access to the car’s brakes and steering. Andy Davis of NCC said that if there is an issue in the infotainment system for one manufacturer it would take only one stream of data to control multiple cars simultaneously.

Robert Nicholls of The Market Business delivers a new perspective on recent events. Instead of blaming technology for these problems we should put pressure on companies and police to stay properly informed and secure. Companies need to continue advancing technologically while also maintaining total security for their customers.





Keep up-to-date on security best practices, events and webinars.

Share This