US: FCA hid hack threat from regulators for 18 months image

Fiat Chrysler Automobiles NV, the third largest US automaker and the seventh biggest in the world has postponed for 18 months telling the US auto safety regulators about a potential security threat.

The flaw has to do with the infotainment systems used by more than a million vehicles – the same that “white hat” hackers exploited last month to showcase how they can gain access to a Jeep’s function and then completely take over control. According to the automaker, the company was already developing a fix to the problem and believed the issue was not a safety flaw – though the National Highway Traffic Safety Administration begs to differ. Just a week or so after being announced about the issue by the automaker the regulator compelled FCA US to issue a safety campaign for 1.4 million cars and trucks – the first ever recall stemming from cybersecurity safety perils. And the occurrence was just days ahead of an announcement that FCA was under a consent order to pay a record fine of $105 million to settle complaints about recall performance issues.

“We want to make sure the automakers and regulators stay ahead of this,” comments Mark Rechtin, autos editor for Consumer Reports. “Once it happens, and it happens badly, no one will be able to trust their cars,” though fortunately until now there have been no instances when malevolent hackers were able to breach random vehicles. On Wednesday the two cybersecurity researchers that managed to overcome the Jeeps’ defenses have detailed their exploit during the Black Hat cybersecurity conference in Las Vegas.

Via Bloomberg