2001 - Jeep Wrangler on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Infiniti looking for a new boss after Christian Meunier leaves to lead Jeep

Nissan's premium division Infiniti is expected to announce a new acting global chief for the brand, the company said, after its current head, Christian Meunier, left to lead the Jeep unit of Fiat Chrysler Automobiles. Nissan's chief quality officer Christian Vandenhende will oversee Infiniti's global operations effective immediately, until a new brand chief is named, Infiniti said in the statement on Tuesday. Meunier, 51, was named Infinit's global chief in early January after its previous boss Roland Krueger left the Hong Kong-based brand. Meunier will take over as global president for SUV-focused Jeep effective immediately, Fiat Chrysler said in a separate statement. Fiat Chrysler CEO Mike Manley had been running Jeep until he was elevated to the top job in July after the death of Sergio Marchionne. Meunier has international experience from his years with Ford, Land Rover, Nissan and Infiniti, which may prove valuable as Jeep attempts to expand overseas with a lineup of new products including the Gladiator pickup, a Wrangler plug-in hybrid, and the revived Wagoneer and Grand Wagoneer nameplates. He's worked mostly in sales and marketing roles, including as senior vice president of sales, marketing and operations for Nissan North America; chairman of Nissan Canada; and his recent role heading up Infiniti. An Infiniti spokesman said Meunier's resignation was not related to Nissan's internal investigation into its former leader Carlos Ghosn.

Autoblog Minute: FCA hit with record fine, issues recall and buyback

FCA, found in violation of the Motor Vehicle Safety Act, agrees to buyback recalled models as part of record penalties issued by National Highway Traffic Safety Administration. The cars in question are more than half a million Chrysler vehicles with defective suspension parts that could cause cars to lose control, and more than a million Jeeps that are prone to deadly fires. Autoblog's Eddie Sabatini reports on this edition of Autoblog Minute, with expert commentary from Pete Bigelow. Show full video transcript text [00:00:00] FCA faces record penalties as the National Highway Traffic Safety Administration finds the automaker in violation of the Motor Vehicle Safety Act. I'm Eddie Sabatini and this is your Autoblog Minute. Penalties for the automaker include submitting to increased government oversight, a hundred and five million dollar civil penalty, as well as, mandates to buy back defective vehicles from owners and payment for repairs. The cars in question are [00:00:30] more than half a million Chrysler vehicles with defective suspension parts that could cause cars to lose control, and more than a million Jeeps that are prone to deadly fires. Autoblog's Pete Bigelow discussed the NHTSA findings with us. [00:01:00] [PETE BIGELOW INTERVIEW] This fine and buyback recall, combined with the 1.4 million vehicles recalled over remote hacking concerns makes for a rough couple of weeks for FCA. For Autoblog, I'm Eddie Sabatini. Autoblog Minute is a short-form video news series reporting on all things automotive. Each segment offers a quick and clear picture of what's happening in the automotive industry from the perspective of Autoblog's expert editorial staff, auto executives, and industry professionals.