
Security company says Teslas can be unlocked and driven using a simple, inexpensive hack

May 18, 2022, 01:34 IST
Business Insider
The Tesla Model 3. Xing Yun/Costfoto/Future Publishing via Getty Images
  • A security company uncovered a security flaw in Bluetooth used by companies across many industries.
  • The firm was able to unlock a Tesla and operate it without using a key.

A cybersecurity company uncovered a vulnerability that hackers could exploit to unlock a Tesla and drive away.

UK-based NCC Group says it found security flaws in Bluetooth Low Energy (BLE), the technology that many cars, including Tesla, use to detect when an owner is close by and allow them to operate the vehicle without turning a key. The company said millions of vehicles, residential smart locks, laptops, and other devices that use BLE for proximity authentication are vulnerable to attack.

"Our research shows that systems that people rely on to guard their cars, homes and private data are using Bluetooth proximity authentication mechanisms that can be easily broken with cheap off-the-shelf hardware," NCC said in a press release Monday.

One convenient part of owning a Tesla is that owners can download the automaker's app to use their phone as a car key. It's a neat benefit that leaves some Teslas exposed to cyberattacks, NCC Group said. The company said it used a series of so-called relaying devices to trick a 2020 Tesla Model 3 into thinking its owner's phone was nearby, when in fact the phone was 25 meters away.

NCC Group was able to unlock and operate the Tesla even when the authorized iPhone was far outside of BLE range. The company said it expects Model Y vehicles are vulnerable to the same attack.

"What makes this powerful is not only that we can convince a Bluetooth device that we are near it — even from hundreds of miles away — but that we can do it even when the vendor has taken defensive mitigations," said NCC Group principal security consultant and researcher, Sultan Qasim Khan, who conducted this research.

NCC Group said it notified Tesla's security team of the vulnerability, and that the automaker said it was aware of the issue.

Tesla did not immediately return a request for comment.

NCC Group said it was also able to use a relay attack to unlock a particular model of Kwikset smart lock. In a statement to Insider, a Kwikset spokesperson said enhanced security features including two-factor authentication protect against relay attacks.

In an emailed statement, Bluetooth Special Interest Group, the association that oversees Bluetooth technology, said it "prioritizes security and the specifications include a collection of features that provide product developers the tools they need to secure communications between Bluetooth devices." The group said it educates developers about security risks and works to address vulnerabilities.
