2014 Jeep Cherokee
Patrick Rall's picture

Hacked Jeep Software Social Media Frenzy Caused by Poor Reporting

The Chrysler Group has recalled around 1.4 million vehicles as a result of a problem with their vehicle software that may allow a hacker to access the control system, but poor reporting by most large media outlets have turned this problem from a simple fix for a questionably troublesome issue into what seems to many to be a massive risk to the general public.

If you pay any attention to the American auto industry, you are surely well aware that the Chrysler Group has recently come under fire when a pair of hackers were able to gain control of a Jeep Cherokee remotely and while doing so, they were able to direct the vehicle into a ditch on the side of the highway. That is how the story is being reported by a great many large media outlets, because making a story sound scarier than it really is leads to more traffic and more traffic leads to more revenue.

With this in mind, these outlets have omitted vital facts from the original Wired story that, when included, show that this hacked Chrysler vehicle software issue is nowhere as deadly as some outlets would have you believe. In doing so, they have created a social media frenzy as Chrysler owners scramble to find out whether the kid in their neighbor’s basement will be able to control their Jeep from his iPad, but I am here to set the story straight with anyone who will take the time to read it.

What Really Happened with the Hacked Jeep
This whole issue came about when a guy from the outlet Wired worked with two professional hackers to see if they could use the advanced infotainment system, which includes an internet connection, to access the various controls of the vehicle. The little team spent months working with the Jeep in question in their presence, so they were able to work their hacker magic on a vehicle that was in their possession.

Once the hackers had figured out how to access the Jeep Cherokee, they made some practice runs in a parking lot where they could see the vehicle at all times and once those initial runs went smoothly, they set out to hack the SUV remotely while the writer from Wired was driving it.

The hackers were able to control all of the electronically controlled aspects of the vehicle, ranging from the windshield wipers and sound system to the braking and ignition components. As a result, the Wired writer ended up in a ditch, but he knew that it was all about to happen, as he had worked with the two hackers for months to make this situation work out as “well” as it did.

What is also excluded was that as soon as the hackers had successfully taken control of the Jeep Cherokee through the internet connection, they went to Chrysler with their findings and as a result, the automaker was able to design an easy-to-install fix that prevents hackers from gaining access to the vehicle’s controls.

Poor Reporting Twists the Story
Unfortunately, a great many of the large media outlets in the US took that initial story and changed it by skipping some of the vital facts. Stories from some of these larger outlets read as “a guy was driving his Jeep Cherokee and he crashed when two hackers gained control of the vehicle”.

That sounds much scarier, so that story travels a bit better than the Wired story and since many of these half-vast reports come from larger, more “trusted” sources than Wired, many people believed that suddenly their Chrysler Group vehicle was no longer safe to drive.

Mind you, while the vehicle hacked was a newer Jeep Cherokee and it simply “crashed” into a ditch, many outlets are using pictures of other Jeeps (not Cherokees) which have been involved in a much worse accident. In some cases, the vehicles shown wrecked aren’t even included in the recall, as they don’t have the software in question to begin with, but putting a badly wrecked Jeep intensifies the story that much more.

Again, those outlets didn’t report anything that didn’t happen, but by cutting out some vital details, the story gets a whole lot saucier…thus bringing in more traffic. The problem is that in making the story sound much worse than it really is, it has created a firestorm of bad information on social media. These poor reports have led many people to believe that any car with internet can be hacked into remotely and we are all doomed by our own push for greater technology and connectivity.

In reality, the problem was fixed before the Wired story came out and the odds are good that we won’t see any vehicles hacked in this method in the real world. Remember, the hackers had months of access to this vehicle in order to prepare to hack into the system. Getting the patch guarantees that your Chrysler Group product is safe, but not letting hackers poke around in your vehicle’s computer system is a good first step towards safe motoring.

The Fix is Simple and Ready
While the vehicle hacked was a new Jeep Cherokee, the recall applies to all vehicles with the similar infotainment system setup. This includes all 2013-2015 Ram trucks including chassis cab models, the 2013-2015 Dodge Viper, the 2014-2015 Dodge Durango, the 2014-2015 Jeep Grand Cherokee, the 2014-2015 Jeep Cherokee and the 2015 model year Chrysler 200, Chrysler 300, Dodge Charger and Dodge Challenger.

The fix for this hacking issue is as simple as uploading and running a software patch that prevents the type of access used to crash the Jeep in the Wired article and once that patch has been run, the vehicle is hacker-safe with a patch developed with the help of the two guys who figured out how to hack into the system in the first place.


Sign-up to our email newsletter for daily perspectives on car design, trends, events and news, not found elsewhere.