FCA US LLC, formerly Chrysler Group LLC, announced on Friday that Fiat Chrysler will recall 1.4 million vehicles in US to install software to prevent hackers from gaining remote control of the engine, steering and other systems. According to federal officials, this is the first such action of its kind. This announcement was made several days after cyber security researchers succeeding in using a wireless connection to turn off a Jeep Cherokee’s engine as it drove. The National Highway Traffic Safety Administration also said on Friday that it would investigate whether FCA’s solution to upgrade software was enough to protect consumers from hackers.
Last Wednesday, a group of hackers, who claimed to be a part of Anonymous, said that it had successfully hacked the US Census Bureau, compromising over 4,200 workers’ data in the process. The data alleging to be stolen includes the usernames, work email addresses and office phone numbers of the government department’s staff. The hackers claimed that the purpose behind this cyber attack is to protest the Transatlantic Trade and Investment Partnership (TTIP) and Trans-Pacific Partnership (TPP) trade negotiations. These trade negotiations are originally designed to improve trade relations and lower barriers between participating nations. However, it has also led to concerns within Europe that free, state-run health services could be privatized.
United Airlines has paid out “bug bounties” to cyber security experts who found and exposed weaknesses in the airline’s website. The original announcement on the “bug bounties” program was announced in May, only a few weeks before the latest several technical glitches that grounded flights for nearly one and a half hour. According to United officials, the Chicago-based carrier borrowed the “bug bounty” idea from technology companies in Silicon Valley, which offers rewards to anyone being able to identify cyber security gaps. The United would give 1 million reward miles to whoever could find a loophole that allowed hackers to execute computer codes at the United website from a remote server. This reward equals to about three first-class round-trip tickets from US to Europe.
Planned Parenthood confirmed on Monday that anti-abortion hackers had tried to compromise the information systems of the organization, potentially exposing sensitive data of their employees. A hacker called “E” claimed partial responsibility of the attack, saying that the hackers had pilfered internal files, emails and worker information. These hackers were also threatening to decrypt and unveil the organization’s internal emails next. According to the hackers, the attack was mainly aimed at “seeking to reclaim some sort of lulz for the years and thousands of dollars that Planned Parenthood have wasted and made harvesting your babies,” which could be regarded as an support of the recent appeal on stripping Planned Parenthood of its federal funding.
Cybersecurity Information Sharing Act, or CISA, a bill that encourages private companies to share data with the federal government, is expected to be delayed until this September. The bill’s co-author, Sen. Dianne Feinstein, California Democrat argued that CISA could “incentivize the sharing of cybersecurity threat information between the private sector and the government and among private sector entities.” However, this bill is strongly opposed by privacy advocates. Earlier this week, digital rights groups including American Civil Liberties Union and the Electronic Frontier Foundation opened a website containing details on the cyber bill and a free service in which visitors could have their concerns automatically routed to the fax machines in all 100 US senator’s offices. As of Wednesday morning, more than a quarter-million faxes had already been sent. It was said that the grassroots effort might be the major reason for the Capitol Hill to postpone the bill.
Follow the SiteLock blog for the latest cybersecurity news and information.