Regulators Investigating Harman Kardon After Remote Hack Of Jeep

(FastFords)

This vehicle was not hacked.  (FastFords)

UPDATE: A day after regulators announced they had opened an investigation into Harman Kardon to determine if vehicles – other than the recently recalled 1.4 million Fiat Chrysler models – equipped with certain infotainment systems were susceptible to remote hacks, the company assured investigators and consumers that the previously reported hack was an isolated incident.

The National Highway Traffic Safety Administration opened an investigation into Harman Kardon following a report last month that suggested certain Fiat Chrysler vehicles were susceptible to remote hacks.

The company now tells Reuters that the issue with the Chrysler vehicles – which ultimately led to the recall of 1.4 million cars – isn’t widespread.

“We do not believe this problem exists in any other car outside of Fiat Chrysler,” Harman Chief Executive Dinesh Paliwal told Reuters.

—-ORIGINAL POST—-

Following a report last month that suggested certain Fiat Chrysler vehicles were susceptible to remote hacks, the auto maker issued a software patch and a subsequent recall. Now, federal regulators are taking over, opening an investigation not into the car manufacturer, but the company behind the radios that provide an entryway for would-be hackers.

The National Highway Traffic Safety Administration announced that it will probe Harman Kardon, the maker of the infotainment system used by two researchers to take control of a 2014 Jeep Cherokee from miles away, to determine if vehicles by other manufacturers could be at risk for remote hacks.

According to a notice [PDF] from NHTSA, the investigation was opened to obtain information about the Harman-supplied Chrysler Uconnect units to determine the nature and extent of similarities in other infotainment products provided to other vehicle manufacturers.

“If sufficient similarities exist, the investigation will examine if there is cause for concern that security issues exist in other Harman Kardon products,” NHTSA states in the notice.

Regulators estimate that Harman has supplied infotainment systems of some kind for about 2.8 million vehicles.

Fiat Chrysler (FCA) issued a software patch for its Uconnect onboard system in late July, though at that time it didn’t directly acknowledge the Wired.com report of what it was like to be inside a hijacked Jeep.

Just days later, the company announced it would recall 1.4 million vehicles that include the Uconnect units.

In a notice [PDF] to NHTSA regarding that recall, FCA detailed how software security vulnerabilities in the recalled vehicles could allow unauthorized third-party access to, and manipulation of, networked vehicle control systems.

“Unauthorized access or manipulation of the vehicle control systems could reduce the driver’s control of the vehicle increasing the risk of a crash with an attendant increased risk of injury to the driver, other vehicle occupants, and other vehicles and their occupants within proximity to the affected vehicle,” the notice states.

Customers affected by the recall will receive a USB device that they may use to upgrade vehicle software, which provides additional security features independent of the network-level measures.