News

A hacker shows a weak point in Tesla and other electric cars

Electric cars, and more especially Tesla, have implemented certain methods of opening, starting and exiting, with which they dispense with the traditional key or remote. Tesla, for its part, transformed this traditional device into a sort of access and unlock card for the car itself. Nevertheless, a cybersecurity specialist has shown how these same advances will make it easier for friends of others when it comes to getting one of these electric vehicles.

It has been the specialist and principal security consultant of NCC Group, Sultan Qasim Khan, who has publicly demonstrated how easy it can be for a hacker to access the model, start it up and even drive without the need to have an access card that he uses Tesla. The mechanism used by the Californian brand is the easiest to imitate, however, other brands and models could also be vulnerable.

The hack is carried out when the thief diverts all the communications that the car normally carries out with the access card, to the mobile phone encrypted to contain all these parameters, thus tricking the system itself into believing that the user is carrying said card, when it’s really just a smartphone encoded. As we have already mentioned, it can also be carried out on other models, whether electric or not, since the coding will be that of the car’s own control; it would only be necessary to have a keyless access and start vehicle.

Despite its ease to carry out theft, at the moment there is no known evidence that this has been used to usurp the vehicle from its owner. Tesla, for its part, has not publicly responded to explicit comments about this study, while the NCC provided a specific report of this vulnerability to the company itself, who received the response that it did not pose a significant risk to their customers. The specialist, as a suggestion, advised Tesla that the best way to prevent these attacks would be to completely overhaul the keyless entry and start system so particular.

PHOTO - The Tesla Model S and the Model Y would be the ones that represent the greatest risks.
The Tesla Model S and Model Y would be the ones that represent the greatest risks.

This is not the first time that we see how Tesla makes its vulnerabilities clear with respect to various cybersecurity specialists, because just a few days ago, David Colombo showed how to hijack certain functions of other cars, such as opening and closing their doors, or controlling the volume of your stereo. It is true that Sultan Qasim Khan has gone a step further and speaks of total control of the vehicle in question.

This discovery was found through investigating security breaches on other devices, such as home access locks, which Khan specifies also have the same type of problem. The head of cybersecurity carried out a demonstration for the media BloombergNewsin which Khan himself carried out a computer intrusion into someone else’s Tesla.

Khan carried out this attack through the use of two small devices that act as remote electronically operated switches. For it, one of these devices was placed about 15 meters away from the access card of the owner of the vehicle; the second device remained as a receiver connected to a laptop located in the vicinity of the electric car itself. Just a few seconds later, the hacker had full control of the vehicle. These devices have been developed and designed by Sultan Qasim Khan himself, who sells them online for just under 50 dollars, while if you want to buy the complete system, it will cost approximately 100 dollars.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button