1979 Jeep Cherokee 4x4 2-door 5.9l Quadra-trac on 2040-cars

Auto blog

Aptly-named Hooligans motorcycle gang charged with stealing 150 Jeep Wranglers

Nine members of the Tijuana, Mexico-based Hooligans motorcycle gang are facing federal charges, accused of stealing 150 Jeep Wranglers in San Diego County, then moving them across the border, where they were sold or stripped for parts. "The joy ride is over for these Hooligans," said Deputy U.S. Attorney Mark Conover. "For many of us, our cars are our most valuable possessions," he said. "These arrests have put the brakes on an organization that has victimized neighborhoods in a different way, by stealing something very personal, something that has required a lot of sacrifice to purchase." Conover said the gang also stole dozens of motorcycles. The indictment alleges that the gang used old-fashioned shoe leather, a high-tech device, and a specific Chrysler dealership to pull off the thefts. San Diego County faced a rash of Wrangler thefts in 2014. Conover says most of the Jeeps were stolen in the middle of the night, and most were equipped with alarms, yet no alarm ever went off. Police were perplexed about that until they caught a break. On Sept. 26, 2014, a Jeep was stolen out of a driveway in Rancho Bernardo, where a security camera showed the thieves' method. Based on what they saw in the surveillance footage, officers sent Chrysler a list of 20 Jeeps that had been stolen and asked whether anyone had requested duplicate keys - and sure enough, a duplicate had been issued for all 20 - and all from the same dealership, in Cabo San Lucas, Mexico. The indictment alleges that the Hooligans would case a specific Jeep days ahead of stealing it, and would take down its vehicle identification number. Somehow they managed to obtain the secret key codes that would allow them to request a duplicate key for that particular Jeep. During the theft, the indictment says, the Hooligans would disable the alarms system, program the duplicate key using a handheld device, then simply drive away. The fact that Jeeps' engine bays can be easily accessed because of their external latches made the job even easier. (Authorities recommend Jeep owners purchase aftermarket locking latches.) Three of the gang members have been arrested. One was already in custody when two others were arrested this week, one of them at San Diego's massive San Ysidro border crossing. The six others facing charges are still at large and believed to be in Mexico. Seven are US citizens, while two are from Mexico. The collective value of the thefts is estimated at $4.5 million.

In Michigan, car hackers could face life imprisonment

Car hackers may not want to mess with vehicles in and around the Motor City. A pair of Michigan lawmakers introduced legislation Thursday that would punish anyone who infiltrates a vehicle's electronic systems with penalties as harsh as life imprisonment. Senate bill 927 says that "a person shall not intentionally access or cause access to be made to an electronic system of a motor vehicle to willfully destroy, damage, impair, alter or gain unauthorized control of the motor vehicle." Offenders will be deemed guilty of a felony, and may be imprisoned for any number of years up to life in prison. The proposed legislation is one of the first attempts nationally to address the consequences for car hacking, which has become a top concern throughout the auto industry. Critics have accused executives of being slow to respond to the threats, which were first known as long as six years ago but gained attention last July when a pair of researchers remotely controlled a Jeep Cherokee. In January, the industry established an Information Sharing and Analysis Center to collectively evaluate security measures and counter breaches. But the Michigan bill isn't noteworthy only because of the life penalty prescribed; it's noteworthy for what's missing in its details. Language in the bill doesn't delineate between independent cyber-security researchers and criminals who intend to inflict harm or havoc. Under its provisions, it's possible Charlie Miller, pictured below, and Chris Valasek, the researchers who demonstrated last summer that the Cherokee could be remotely commandeered and controlled, could face life behind bars. Provisions of the legislation that prevent a person from "altering" the motor vehicle could ensnare car enthusiasts or gearheads who tinker with electronic systems to boost performance, increase fuel efficiency or add aftermarket features. In that context, Senate Bill 927 seems like the latest measure in a running feud between independent researchers, gearheads and big automakers. Car companies don't like third parties poking around their electronic systems and would prefer the researchers not reveal security weaknesses. Researchers, on the other hand, say many carmakers are either slow to fix or unwilling to repair security holes unless they're able to publish their findings.

Weekly Recap: Hackers demonstrate auto industry's vulnerability

There's always been a certain risk associated with driving, and this week cyber security came into focus as the latest danger zone when researchers demonstrated how easily they could hack into a 2014 Jeep Cherokee from across the country. The incident raised concerns over the vulnerability of today's cars, many of which double as smartphones and hot spots. During the now-infamous experiment, Chris Valasek and Charlie Miller infiltrated the Jeep's cellular connection and were able to control the infotainment system, brakes, and other functions. The hackers told the Jeep's maker, FCA US, of their findings last year, the company devised a software fix. Though Valesek and Miller hacked a Cherokee (like the one shown above), several FCA products, including recent versions of the Ram, Grand Cherokee, Dodge Durango, and Viper were also affected, illustrating potentially wide exposure that could reverberate across the sector. "For the auto industry, this is a very important event and shows that cyber-security protection is needed even sooner than previously planned," Egil Juliussen, senior analyst and research director for IHS Automotive, wrote in a research note. "Five years ago, the auto industry did not consider cyber security as a near-term problem. This view has changed." Hours after the Cherokee hacking incident was publicized on Tuesday, Sens. Ed Markey (D-Mass) and Richard Blumenthal (D-Conn) introduced legislation to direct the National Highway Traffic Safety Administration and Federal Trade Commission to establish national standards for automotive cyber security. The bill also would require vehicles to have a cyber-rating system to alert consumers how well their cars' privacy and security are defended. "Drivers shouldn't have to choose between being connected and being protected," Markey said in a statement. "We need clear rules of the road that protect cars from hackers and American families from data trackers." Though FCA and its Jeep Cherokee were in the spotlight this time, they were just the latest to showcase how automotive technology has advanced faster than safety and regulatory measures. IHS forecasts 82.5 million cars will be connected to the internet by 2022, which is more than three times today's level. "Cyber-security will become a major challenge for the auto industry and solutions are long overdue," Juliussen said.