Even with the breakthrough technology within the Model S, there’s always a security hole somewhere and a hacker will find it given enough time and opportunity. Tesla has some of the best security engineers to push updates out to its vehicles promptly when needed. This gives Tesla an edge and control that other manufacturers simply don’t have.
However, a hacker has found that simply cloning a key fob can be done and therefore simply drive the car away without performing your movie hacker scene.
At KU Leuven university in Belgium were set to present information to a conference that would reveal a technique for decrypting the wireless key fobs of Tesla’s Model S. For around $600, radio hardware can be purchased that would wirelessly read signals from a close by Tesla key fob. Within seconds the fobs security software key is then exposed and therefore the security of the Model S that pairs with the fob is compromised.
Lennert Wouters, one of the researchers state: “Today it’s very easy for us to clone these key fobs in a matter of seconds. “We can completely impersonate the key fob and open and drive the vehicle.”
Around this time, Tesla rolled out another form of security, the PIN code to drive the car. The driver/owners set the pin, similar to what you would do with your mobile phone, then the large display would prompt you to enter your pin to drive the vehicle. Tesla also stated that Model S units sold after June of 2018 will not be vulnerable to the attack due to upgraded key fobs. If Model S owners prior to that date don’t use the pin or don’t upgrade their key fobs, they could be victim to such an attack.
Here is a YouTube video of COSIC researchers that hack the Model S key fob:
What was the result of the KU Leuven research? In August of 2017 Tesla was presented with this information from KU Leuven and Tesla paid them $10k bug bounty for their work! What transpired after was the PIN rollout then fixes to the fobs, although this took some time.
A Tesla spokesperson stated this to WIRED: “Due to the growing number of methods that can be used to steal many kinds of cars with passive entry systems, not just Teslas, we’ve rolled out a number of security enhancements to help our customers decrease the likelihood of unauthorized use of their vehicles,”
Researches also stated that this technique doesn’t just work with Teslas. Other manufacturers such as McLaren, Karma and even Triumph also use the Pektron’s key fob system (same as the Model S).
Grand Theft Auto is a growing issue even with high-end luxury vehicles. Take advantage of the security features manufacturers add such as the PIN from Tesla or disabling auto passive entry.