As reported by The Irish Times, owners of more than 25 Tesla cars in 13 countries around the world may be surprised to learn that their vehicles have apparently been hacked into remotely by a security researcher in Germany, who says he has discovered a software flaw in the EV pioneer’s systems.
David Colombo, a 19-year-old self-described information technology specialist, tweeted Tuesday that the software flaw allows him to unlock doors and windows, start the cars without keys and disable their security systems. Colombo also claimed he can see if a driver is present in the car, turn on the vehicles’ stereo sound systems and flash their headlights. The teenager did not reveal the exact details of the software vulnerability, but said it was not within Tesla’s software or infrastructure and added that only a small number of Tesla owners globally were affected.
<p>The fundamental problem with smart cars is their remote functionality, which needs to be water tight for the security to operate successfully. Unlike small IoT devices around the home, remote car technology could potentially be a matter of life and death, which ramps up the severity of these claims. Car makers can never relax in this space where threat actors, good or bad, will continue to look for any given vulnerability to exploit where possible. Automotive producers require the highest of standards but are unable to do this by themselves. Offering bug bounties with even larger payments is a way of crowdsourcing the skills around the world in order to future-proof their technologies.</p>