WASHINGTON (By David Morgan, Reuters) — The cybersecurity issues that led Fiat Chrysler Automobiles NV to recall 1.4 million vehicles last month could pose a problem for cars and trucks from other automakers, the top U.S. auto safety regulator said on Friday.
Mark Rosekind, who heads the National Highway Traffic Safety Administration, said his watchdog agency is trying to determine how many car makers have received radios from the company that supplied Fiat Chrysler.
“The supplier didn’t just supply radios to Chrysler but to a lot of other manufacturers,” Rosekind told reporters. “A lot of our work now is trying to find out how broad the vulnerability could be.”
Rosekind did not identify the radio supplier. Charlie Miller, one of two hacking experts who uncovered the problem, told Reuters the radio was a Uconnect system from Harman International Industries Inc. Harman officials were not immediately available for comment.
The potential raises the possibility of more automaker recalls over hacking vulnerabilities, an issue that has grabbed the attention of regulators, lawmakers and the public. On Thursday, a researcher warned that hackers could exploit a security flaw in a mobile app for General Motors Co’s OnStar vehicle communications system.
In the first action of its kind for the auto industry, Fiat Chrysler last week announced the recall of 1.4 million U.S. vehicles to install software to prevent hackers from gaining remote control of the engine, steering and other systems.
The announcement by FCA US LLC, formerly Chrysler Group LLC, followed reports that cybersecurity researchers had used a wireless connection to turn off a Jeep Cherokee’s engine as it drove, increasing concerns about the safety of Internet-enabled vehicles.
The researchers used Fiat Chrysler’s telematics system to break into a volunteer’s Cherokee being driven on the highway and issue commands to the engine, steering and brakes.
“This is the shot across the bow. Everybody’s been saying ‘cybersecurity’. Now you’ve got to step up,” Rosekind said. “You’ve got to see the entire industry proactively dealing with these things.”
NHTSA has already been in contact with the Jeep Cherokee researchers and hopes to learn more not only about their work but how serious a reaction they have seen from the auto industry.
“It’s not just about the hack. It’s what the response from the industry has been to see whether or not their issues have been acknowledged and what they’re planning. And that’s the part we have to see going forward,” Rosekind said.
Rosekind said NHTSA is also collecting information about potential issues involving GM’s OnStar, but has not begun a formal investigation.
(Additional reporting by Jim Finkle in Boston and Bernie Woodall in Detroit)