22 September, 2016

Car hackers found a way to trigger a Tesla's brakes from miles away

A group of security researchers have found a way to remotely hack into Tesla cars and play havoc with their settings - unlocking doors, adjusting chairs, triggering indicator lights, and even activating the brakes from miles away.

The Chinese research team, from the Keen Security Lab at Tencent, first privately disclosed their findings to Tesla, and are only publishing the details now it has been patched.

There's no evidence that anyone ever maliciously used this vulnerability to target Tesla cars - but it's still a terrifying reminder of the risks that face internet-connected vehicles.

How did it work? According to a statement Tesla provided to The Verge, the targeted vehicle needed to be connected to a malicious Wi-Fi network, and using the web browser. If it is, then the hacker can take control - no physical access to the vehicle required. It affected vehicles including the Model S, that used (then-)up-to-date firmware.

The range of things the researchers could do range from the annoying to the potentially deadly. For example, when the Tesla was parked they could open the sunroof, trigger the indicator lights, and move the driver's car seat. They could also unlock the car door without the key - every thief's dream.

While moving, meanwhile, it gets more serious. The Chinese researchers were able to open the trunk adjust wing mirrors, and control the windscreen wipers, all of which could be fatally distracting. And worst of all, they found a way to trigger the vehicle's brakes from miles away, doing it in a video from 12 miles away

And here's the full statement from Tesla,

"Within just 10 days of receiving this report, Tesla has already deployed an over-the-air software update (v7.1, 2.36.31) that addresses the potential security issues. The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.

"We engage with the security research community to test the security of our products so that we can fix potential vulnerabilities before they result in issues for our customers. We commend the research team behind today's demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research.