Fiat Chrysler has decided to recall about 1.4 million cars and trucks in the U.S. just days after two hackers detailed how they were able to take control of a Jeep Cherokee SUV over the Internet. The company will update software to insulate the vehicles from being remotely controlled, and it implied that the hackers committed a crime, saying in a statement Friday that unauthorized remote manipulation of a vehicle is a criminal act.
The recall affects vehicles with 8.4-inch touchscreens including 2013 to 2015 Ram pickups and chassis cabs and Dodge Viper sports cars. Also covered are 2014 and 2015 Dodge Durango and Jeep Grand Cherokee and Cherokee SUVs, as well as the 2015 Chrysler 200 and 300, and the Dodge Charger and Challenger.
All the vehicles have a certain type of radio, indicating that the company may have found and patched another area that’s vulnerable to hackers. The recall covers about 1 million more vehicles than the company had originally believed were affected.
Fiat Chrysler says it also has taken security measures on its own vehicle network to prevent hacking. Those measures require no customer action and became effective on Thursday.
The company said it knows of no incidents involving hacking of its vehicles except for the one unveiled this week. Initially the company didn’t issue a recall, but said it would contact all affected customers
The fix is a response to a recent article in Wired magazine about two well-known hackers, Charlie Miller and Chris Valasek, who remotely took control of a Jeep Cherokee through its UConnect entertainment system. They were able to change the vehicle’s speed and control the brakes, radio, windshield wipers, transmission and other features.
The Jeep incident was the latest warning to the auto industry, which is rapidly adding Internet-connected features like WiFi and navigation that are convenient for drivers but make the car more vulnerable to outside attacks. Earlier this year, BMW had to offer a software patch after hackers remotely unlocked the doors of its cars.
Miller has said he and Valasek first told FCA about their research in October and have been in touch with the company several times since then.
Owners of the recalled vehicles will get a USB drive that they can use to update the software. Fiat Chrysler says it provides added security features beyond what’s been done on the company’s vehicle network.
Customers can go to http://www.driveuconnect.com/software-update and punch in their vehicle identification number to find out if they’re included in the recall.
The company, known as FCA US LLC, also said it has set up a team focused on best practices for software development and integration into vehicles.