Researchers wirelessly hit the brakes in a Model S, Tesla patches quickly
on
Get link
Facebook
X
Pinterest
Email
Other Apps
Exploiting in-car Web browser, researchers gained access to car's control network.
Sean Gallagher
Security researchers at the Chinese
Internet company Tencent's Keen Security Lab privately revealed a
security bug in Tesla Model S cars that allowed an attacker to achieve remote access to a vehicle's Controller Area Network (CAN)
and take over functions of the vehicle while parked or moving. The Keen
researchers were able to remotely open the doors and trunk of an
unmodified Model S, and they were also able to take control of its
display. Perhaps most notably, the researchers remotely activated the
brakes of a moving Model S wirelessly once the car had been breached by
an attack on the car's built-in Web browser.
Tesla has already issued an over-the-air firmware patch to fix the situation.
Previous hacks of Tesla vehicles
have required physical access to the car. The Keen attack exploited a
bug in Tesla's Web browser, which required the vehicle to be connected
to a malicious Wi-Fi hotspot. This allowed the attackers to stage a
"man-in-the-middle" attack, according to researchers. In a statement on
the vulnerability, a Tesla spokesman said, "our realistic estimate is
that the risk to our customers was very low, but this did not stop us
from responding quickly." After Keen brought the vulnerability to
Bugcrowd, the company managing Tesla's bug bounty program, it took just
10 days for Tesla to generate a fix.
Full details of the attack were not revealed.
But in a video demonstrating the attack (shown above), researchers
exploited the in-car browser of an unmodified vehicle by intercepting a
search for the nearest charging station. The exploit then allowed the
researchers to gain remote control over Wi-Fi to door locks, seat
adjustments, signals, and other controls including the vehicle's
displays. While moving, the researchers were also able to demonstrate
remote control of the vehicle's rear hatch and the brakes, bringing the
car to a very sudden stop from a computer 12 miles away.
Comments
Post a Comment