Shooting the messenger isn't just bad PR for corporations. It's deeply ingrained in most enterprise culture, and it's why problems like this occur in the first place.
You know that engineers on the ground were well aware of this vulnerability. You know they tried to warn. But what happened to the warnings? They didn't make it up to the executive levels necessary, because several layers in between feared for their jobs and careers if they said something like "This new feature you're demanding could be used to brick every single Fiat-Chrysler vehicle we make, or even murder people". So the executives were asking for features but flying blind on danger.
And ultimately, this is a failure of the executive structure and the corporate structure (and it's an inherent antipattern in large organizations). Since the nature of hierarchy is for subordinates to hide unpleasant truths from superiors, they should have been actively asking about the hazards. They could have hired outside security reviewers. But they didn't.
You know that engineers on the ground were well aware of this vulnerability. You know they tried to warn. But what happened to the warnings? They didn't make it up to the executive levels necessary, because several layers in between feared for their jobs and careers if they said something like "This new feature you're demanding could be used to brick every single Fiat-Chrysler vehicle we make, or even murder people". So the executives were asking for features but flying blind on danger.
And ultimately, this is a failure of the executive structure and the corporate structure (and it's an inherent antipattern in large organizations). Since the nature of hierarchy is for subordinates to hide unpleasant truths from superiors, they should have been actively asking about the hazards. They could have hired outside security reviewers. But they didn't.