It hasn’t been a good few weeks for Fiat, two security / hacking experts managed to demonstrate how easy it was to ‘break’ into a Jeep Cherokee using nothing but a laptop and their coding expertise.
The hackers revealed they broke into the Cherokee’s internet connected entertainment software and through this they were able to take over the brakes, heating controls and many other auxiliary functions.
In response Fiat Chrysler set about fixing the problem by issuing a software patch to owners only they did so in the form of a USB stick which was sent through the post.
Fiat’s solution has drawn scorn from security experts who say it could lead to organised fraudsters imitating the recall letters and USB sticks.
For example fraudsters could send out fake USB sticks and go ‘fishing’ for victims. Experts believe there should be a protocol for confirming if the USB stick is authentic.
Hackers could even reverse engineer fake USB sticks and discover how Fiat codes their software updates and potentially find new flaws to expose.
When the hack was first revealed back in July Fiat issued a voluntary recall to the 1.4 million Cherokee owners who could get their vehicles updated via dealerships. The software update patch was also available to download from Fiats website.