terryleewhite - stock.adobe.com

Belgian security researcher hacks Tesla with Raspberry Pi

Belgian security researcher Lennert Wouters once again succeeds in hacking a Tesla vehicle, this time by exploiting the Bluetooth Low Energy standard

Alex Scroxton
By
  • Alex Scroxton, Security Editor

Electric automaker Tesla has rolled out an over-the-air patch for its Model X vehicles after being informed of a serious vulnerability in its keyless entry system, identified by Belgian academics, which could have enabled criminals to circumvent the $100,000 (£82,000/€83,500) car’s onboard security systems.

The Tesla Model X’s key fob lets its owners automatically unlock their car when approaching it, or by pressing a button, using the Bluetooth Low Energy (BLE) communications standard to talk to the car via a smartphone app.

This process was bypassed by PhD student Lennert Wouters of the University of Leuven’s Computer Security and Industrial Cryptography (Cosic) research group in a proof of concept using a self-made device built from a Raspberry Pi, a modified key fob and engine control unit (ECU) from a salvaged Model X, and other components costing a total of $195 (£144/€162).

“Using a modified ECU, obtained from a salvage Tesla Model X, we were able to wirelessly – up to 5m distance – force key fobs to advertise themselves as connectable BLE devices,” said Wouters.

“By reverse engineering the Tesla Model X key fob, we discovered that the BLE interface allows for remote updates of the software running on the BLE chip. As this update mechanism was not properly secured, we were able to wirelessly compromise a key fob and take full control over it. Subsequently, we could obtain valid unlock messages to unlock the car later on.”

To exploit the vulnerability, a car thief would have needed to get within about 5m of their victim’s key fob to wake it, and then send their own software to it to gain full control. According to Cosic, this process takes about 90 seconds.

Following this, the thief could obtain valid commands allowing them to unlock the vehicle. After gaining access to the onboard diagnostic connector used by service technicians, they would then have had to pair a modified key fob to the vehicle, at which point they could start the vehicle and drive off.

This is the third time in as many years that Wouters has successfully broken into a Tesla vehicle by exploiting its keyfob. In both prior instances, he was able to effectively “clone” the device to gain access.

Erich Kron, security awareness advocate at KnowBe4, said Wouters’ disclosure played an important role in highlighting how increasing the number of internet connections in 数字货币homes and vehicles in the name of convenience was creating much larger attack surfaces that are cheap to attack, especially compared with the sticker price of a Tesla.

However, he said, this particular vulnerability was not necessarily one for Tesla drivers to be too worried about.

“Tesla did a great job quickly fixing the issue with an over-the-air update and the researcher showed responsible reporting ethics by notifying Tesla and allowing it to develop the fix before publicly releasing the vulnerability and the exploit”
Eric Kron, KnowBe4

“There are a number of steps that need to take place in order to pull it off – while not difficult, it could raise some suspicion if done in a public parking lot or other populated public space,” he said.

“Tesla did a great job quickly fixing the issue with an over-the-air update and the researcher showed responsible reporting ethics by notifying Tesla and allowing it to develop the fix before publicly releasing the vulnerability and the exploit.

“Publicly reporting vulnerabilities like this will help secure vehicles and devices of all manufacturers across many industries and applications,” said Kron.

Jacob Wilson, senior security consultant at Synopsys, added: “Automotive key fob attacks are real-world threats with significant impacts for automobile manufacturers, law enforcement, vehicle financers and drivers.

“With consumer demand for Bluetooth and internet-connected vehicle functionality on the rise, it’s more important than ever to ensure these technologies are secure. Wouters’ Tesla Model X research demonstrates the impacts of security requirements and security features not having proper validation. Having thorough software composition analysis and fuzz testing performed against embedded electronics provides a higher level of confidence to thwart these attacks.”

Read more about IoT security

  • With the convergence of 数字货币home and work networks, IoT vulnerability platforms might push security awareness across consumer and enterprise IoT and assist manufacturers with regulations.
  • Certain IoT security concerns are hard to forget, such as IoT botnets, but others might not come to mind as easily, such as DNS threats and physical device attacks.
  • IoT gateways serve as essential components in building effective IoT deployments and greater security, but admins should secure them with regular software updates and audits.

Content Continues Below

Read more on Hackers and cybercrime prevention

SearchCIO

  • The impact of blockchain in COVID-19 pandemic

    Organizations across several industries from healthcare to retail are turning to blockchain to help support critical business ...

  • Top 5 digital transformation trends of 2021

    In 2021, low-code, MLOps, multi-cloud management and data streaming will drive business agility and speed companies along in ...

  • Private 5G companies show major potential

    Companies across several vectors are deploying their own private 5G networks to solve business challenges. Here, experts dive ...

SearchSecurity

  • How to perform a cybersecurity risk assessment, step by step

    This five-step framework for performing a cybersecurity risk assessment will help your organization prevent and reduce costly ...

  • 6 common types of cyber attacks and how to prevent them

    To prevail in the battle against cybercrime, companies must understand how they are being attacked. Here are the six most ...

  • The enterprise case for implementing live-fire cyber skilling

    Companies continue to grapple with the cybersecurity skills gap, but Adi Dar offers a way to ensure security teams are properly ...

SearchNetworking

  • 5 networking startups helping enterprises adapt and prepare

    Even in a global pandemic, these five networking startups continue to impress. Learn how their innovative technologies can help ...

  • Private 5G networks to gain momentum in 2021

    Enterprises using industrial IoT devices are among the early adopters of private 5G networks, which could become an $8 billion ...

  • Ensure network resilience with redundancy and skills

    Ensuring network resilience doesn't just mean building redundancy in network infrastructure. It should also include planning ...

SearchDataCenter

  • Server failure, Linux comprise 2020 data center management tips

    When you work in IT, you should consistently try to expand your knowledge base. This tip roundup explores recent content about ...

  • Smart UPS features for better backup power

    Vendors now offer UPSes with functions that help regulate voltage and maintain battery health. Before you upgrade, evaluate costs...

  • Data center market M&A deals hit new high in 2020

    This year proved to be a banner year for data center mergers and acquisitions with 113 deals valued at over $30 billion, a pace ...

SearchDataManagement

  • What FAIR data management means for your enterprise

    The FAIR principles were made to promote the sharing of data in the research field, but their guidance can help organizations in ...

  • Emerging data management trends to watch in 2021

    A number of nascent efforts across the enterprise data landscape became manifest in 2020 that are likely to become larger trends ...

  • Data lineage documentation imperative to data quality

    Understanding the detailed journey of data elements throughout the data pipeline can help an enterprise maintain data quality and...

Close