Mark Rosekind, head of the National Highway Traffic Safety Administration, expressed concerns on Friday that the same head units used in the recalled FCA vehicle could be equipped in other manufacturers’ vehicles, meaning there could be millions of vulnerable vehicles on still on American roads.
“The supplier didn’t just supply radios to Chrysler but to a lot of other manufacturers,” Rosekind told Reuters. “A lot of our work now is trying to find out how broad the vulnerability could be.”
Although Rosekind wouldn’t identify the manufacturer of FCA’s Uconnect radio, Charlie Miller, one of the men responsible for bringing the cyber risk to the forefront, said Harman makes the unit.
FCA recalled 1.4 million vehicles earlier this month after a report featured Miller and his associate Chris Valasek hacking into a 2014 Jeep Cherokee equipped with the Uconnect system. Miller and Valasek were able to remotely manipulate the Jeep’s steering, brakes and even engine.
“This is the shot across the bow. Everybody’s been saying ‘cybersecurity’. Now you’ve got to step up,” Rosekind said of the duo’s findings. “You’ve got to see the entire industry proactively dealing with these things.”
General Motors quickly followed suit with a security update for its OnStar telematics system. Rosekind said his agency is collecting information on the GM case but has not yet started a formal investigation.