DETROIT - When researchers at two West Coast universities took control of a General Motors car through cellular and Bluetooth connections in 2010, they startled the auto industry by exposing a glaring security gap.

Five years later, two friendly hackers sitting on a living room couch used a laptop computer to commandeer a Jeep from afar over the Internet, demonstrating an even scarier vulnerability.

"Cars don't seem to be any more secure than when the university guys did it," says Charlie Miller, a security expert at Twitter who, along with well-known hacker and security consultant Chris Valasek, engineered the attack on the Jeep Cherokee.

Fiat Chrysler, the maker of Jeeps, is now conducting the first recall to patch a cybersecurity problem, covering 1.4 million Jeeps. And experts and lawmakers are warning the auto industry and regulators to move faster to plug holes created by the dozens of new computers and the growing number of Internet connections in today's automobiles.

The average new car has 40 to 50 computers that run 20 million lines of software code, more than a Boeing 787, a recent KPMG study found.

Miller and Valasek are known as "white hat," or ethical, hackers and reported their findings to the company. But the episode raised the prospect that someone with malicious intent could commandeer a car with a laptop and make it suddenly stop, accelerate or turn, injuring or killing someone.

After the 2010 hack, the auto industry plugged access holes and tried to isolate entertainment and driver information systems from critical functions such as steering and brakes. But in each subsequent model year, it added microchips and essentially turned cars into rolling computers. The introduction of Internet access has created a host of new vulnerabilities.

"The adversary only needs to find one way to compromise the system, where a defender needs to protect against all ways," says Yoshi Kohno, associate professor of computer science at the University of Washington, who was part of 2010 hack.