It has been reported that Lennert Wouters, a security researcher at Belgian university KU Leuven, revealed a collection of security vulnerabilities in keyless entry for Tesla Model X which can be exploited to steal the car.
Experts Comments
The PIN is still required to start the car, and is needed to disable the PIN as well.
It’s a clever hack relying on sourcing components most likely came from stolen and chopped up vehicles (the majority of eBay parts are coming out of Eastern Europe after cars were stolen) but it would be harder to execute in real life given the attacker needs to be in proximity of the key as well as the vehicle, without being noticed.
Also, if Tesla’s ‘PIN to drive’ technology is enabled it doesn’t allow people to drive off in the car without a PIN. Even if the car is tricked into.....Read More
Tesla did a great job quickly fixing the issue with an over the air update.
This vulnerability helps to illustrate how our homes and vehicles have become more connected and as convenience features are added, the attack surface increases. In this case, while relatively low cost considering the value of a targeted Tesla, there are a number of steps that need to take place in order to pull it off. While not difficult, it could raise some suspicion if done in a public parking lot or other populated public space. Tesla did a great job quickly fixing the issue with an over.....Read More
Automotive key fob attacks are real-world threats with significant impacts for automobile manufacturers.
Automotive key fob attacks are real-world threats with significant impacts for automobile manufacturers, law enforcement, vehicle financers, and drivers. With consumer demand for Bluetooth and internet-connected vehicle functionality on the rise, it’s more important than ever to ensure these technologies are secure. Wouters’ Tesla Model X research demonstrates the impacts of security requirements and security features not having proper validation. Having thorough software composition.....Read More
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@David Barzilai, Co-founder and Executive Chairman , provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Karamba’s position is that the Tesla hack shows yet again the need of securing keyless entry systems...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-on-the-bluetooth-attack-to-steal-a-tesla-model-x-in-minutes
Facebook Message
@David Barzilai, Co-founder and Executive Chairman , provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Karamba’s position is that the Tesla hack shows yet again the need of securing keyless entry systems...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-on-the-bluetooth-attack-to-steal-a-tesla-model-x-in-minutes