Connected cars are often talked about for their potential vulnerabilities to hackers. The idea that someone could cause an accident by remotely veering your car off the road or applying the brakes is terrifying, but so far the risk has been fairly limited.
As a flagship “connected car”, the Tesla Model S has been a constant target for hackers. Some have demonstrated being able to take control of the vehicle, but only through a physical connection to the car, which is not very different from any car-jacking by “hot-wiring” the vehicle.
Now a group of hackers from China has demonstrated what they describe as the first remote hack of a Tesla Model S.
Hackers at the Keen Security Lab of Tencent, a Chinese technology conglomerate, discovered the vulnerabilities and reported them to Tesla before publishing a video demonstration today.
According to the team, Tesla already pushed an update to patch the vulnerabilities exploited in the demonstration. We asked Tesla for an official comment on this and we will update if we get an answer. The automaker did roll out a new version of its 7.1 update earlier this week before the video was published.
In a blog post on their website, Keen Lab wrote:
“As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars. We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected.”
Here’s the group’s demonstration:
Activating functions like opening the pano-roof has been demonstrated before and can be achieved by compromising the Tesla app, which enables those actions, but activating the brakes without a physical connection may well be a first.
Keen Security Lab doesn’t explain in detail how they achieved the hack, but the video shows that the car needs to send a request online before they can take control of it. The vehicle could have been on a wifi hotspot controlled by the team.
If anything, they made every Tesla on the road a little bit safer!
Update: Tesla sent us the following statement confirming that they needed to connect to a wifi hotspot:
“Within just 10 days of receiving this report, Tesla has already deployed an over-the-air software update (v7.1, 2.36.31) that addresses the potential security issues. The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly. We engage with the security research community to test the security of our products so that we can fix potential vulnerabilities before they result in issues for our customers. We commend the research team behind today’s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research.”