igor - Fotolia

Fiat Chrysler recall highlights importance of security by design

Fiat Chrysler's vehicle recall – to fix cyber security vulnerabilities – highlights the cost and reputation damage of failing to ensure systems are secure by design

Fiat Chrysler’s recall of 1.4 million vehicles in the US – for a computer system security update – highlights the cost and risk of failing to ensure security by design.

The company ordered the recall just days after security researchers Charlie Miller and Chris Valasek demonstrated they could take control of a Jeep Cherokee by hacking into its computer systems from 10 miles away.

The pair developed software that enabled them to send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes and transmission.

Miller and Valasek worked with Fiat Chrysler to develop a security update for vehicles fitted with a model RA3 or model RA4 radio/navigation system before they went public.

Initially, only 470,000 vehicles were thought to be affected and Fiat Chrysler appeared content to rely on vehicle owners to download the security updates. But the company subsequently decided on a recall as the number grew of affected vehicles grew by a million.

In addition to Jeep Cherokees, affected vehicles include some Dodge Viper sports cars, the 2015 Dodge Charger and Challenger, the 2014 and 2015 Dodge Durango and the 2015 Chrysler 200 and 300.

The US National Highway Traffic Safety Administration opened an investigation to check the effectiveness of the Fiat Chrysler recall and encouraged vehicle owners to get the security update as soon as possible, reported the Belfast Telegraph.

The recall of vehicles by Fiat Chrysler and Land Rover, to fix cyber security vulnerabilities in the same month, illustrates the direct cost and reputation damage as a result of a failure to ensure that computer systems used in cars are secure by design.

“The good news is that secure software development isn’t a novel concept,” said Tim Erlin, director of IT security and risk strategy at Tripwire.

“There are known best practices that can be applied to automotive software as well. Fiat Chrysler has an opportunity to use this incident to pioneer software security for the automotive industry.”

Automotive software updates

Erlin said the recall is likely to drive changes around how software is updated for all manufacturers.

“While new update methods can be built into new vehicles, there are millions of cars already on the road to consider and, with security of vehicle software now a safety issue, manufacturers will need to adapt,” he said.

Ken Westin, senior security analyst for Tripwire said that, although the actual possibility of the Fiat Chrysler vulnerability being used in a real attack is slim, vehicle cyber security is still a relatively new area of research.

Read more about security by design

“We will begin to see more vulnerabilities in vehicle systems, which means car manufacturers will need to develop safe and secure methods of updating software in these systems, either through dealerships or possibly even remotely – but that could introduce more vulnerabilities,” he said.

With car manufacturers increasingly adding connected and high-tech components to vehicles, Westin said they will need to need to add security to their safety and reliability quality assurance processes to retain their brand integrity.

“You can develop that most advanced vehicle that has all of the latest safety features and high-tech gadgets in it, but if it can be bricked by remote exploits, you are going to have wary consumers who may choose the next brand of vehicle, because they put more emphasis on security,” he said.

Car internet connection unnecessary

Kaspersky Lab security researcher Marta Janus said everything connected to the internet is prone to attacks and can be hacked. 

While computers, smart phones and tablets would be next to useless without an internet connection, she said there is no real advantage of having a car with access to the internet.

“For navigation and remote door opening, a centralised online system isn’t necessary, and the few convenience features that would be impossible without internet connection are not really worth the dire risk of being hacked,” said Janus.

“In my opinion, transportation – together with industrial systems and other critical infrastructure – shouldn't use public internet at all. Instead, they should build separate networks, featuring unique and custom-made secure protocols to reduce the risk of fatal hacking,” she said.

Read more on Hackers and cybercrime prevention