Feds widen probe of vehicles that are vulnerable to hackers

Federal regulators have expanded their investigation into the cybersecurity defects that caused Fiat Chrysler to recall 1.4 million vehicles.

Initially, the National Highway Traffic Safety Administration (NHTSA) had said it was only looking into Chrysler over the flaws, which allowed security researchers to cut a Jeep’s transmission from 10 miles away. The bug was apparently in the car’s radio.

{mosads}Now, the agency is trying to figure out what other automakers may have received similarly defective parts from the radio manufacturer.

“The supplier didn’t just supply radios to Chrysler but to a lot of other manufacturers,” Mark Rosekind, head of the NHTSA, told reporters, according to Reuters. “A lot of our work now is trying to find out how broad the vulnerability could be.”

Rosekind did not name the radio maker. But the security researchers that brought the security deficiencies to light told Reuters the company is Harman International Industries, maker of the defective Uconnect system. Harman has not confirmed making the technology.

The widening investigation indicates that more recalls may be on the horizon.

“This is the shot across the bow,” Rosekind told reporters. “Everybody’s been saying ‘cybersecurity.’ Now you’ve got to step up. You’ve got to see the entire industry proactively dealing with these things.”

In the wake of the Chrysler incident, lawmakers are also looking to force automakers to bolster their cyber defenses.

Sens. Richard Blumenthal (D-Conn.) and Ed Markey (D-Mass.) are backing the Security and Privacy in Your Car (SPY Car) Act, which would direct the government to create standards that shield cars from vicious hacks.

Reps. Fred Upton (R-Mich.) and Frank Pallone (D-N.J.), the top two members of the House Energy & Commerce Committee, have also been pressing car manufacturers for details about how exactly they will enhance vehicle cyber defenses.

“Cars today are essentially computers on wheels, and the last thing drivers should have to worry about is some hacker along for the ride,” the two said in a joint statement after Chrysler announced its recall.