We tracked down one of the 1.4 million Fiat Chrysler car owners who was affected by the recall due to the Jeep Cherokee Hacking Incident. We didn’t have to go far to find a Jeep Cherokee owner affected by the zero-day exploit on the Harman Uconnect Infotainment system. Mark Guntrip, Group Product Marketing Manager at Proofpoint talked to us about his experience fixing the problem.
Mark learned about Jeep’s security vulnerability in the Wired article, “Hackers Remotely Kill a Jeep on the Highway—With Me in It” rather than hearing anything from the dealership or from Jeep themselves. Although he considered downloading and installing the software update himself, Mark opted to take his 2015 Jeep Cherokee to the dealer just in case something went wrong. Despite the fact that up to 30% of car owners ignore recalls, Mark found that quite a few people had come in to have their car system updated. It took about an hour to install the new software, and beyond the inconvenience of having to work in the dealership waiting room, there was nothing really significant to report. Even though it was no big deal to update, it’s the seemingly insignificant updates that can create vulnerabilities for hacker to exploit.
This particular security vulnerability revealed by car hackers Charlie Miller and Chris Valasek is history. The open cellular port that was found is now closed and a system update is available for all affected cars, but this highlights the importance for consumers to be more vigilant about updating all smart devices, including your car. Mark added, “We’re used to it with electronics like computers, phones, even watches, but anything that can connect to the Internet, or offers remote connectivity, now has to be secured and checked for security updates.”
Want to learn more? See the latest mobile security technology innovations at Proofpoint TAP Mobile Defense to secure organizations from malicious mobile applications.