Auto hacks: security expert cracks Tesla S.
A six-digit password provides access to door locks
Modern high-tech bodies from Tesla Motors http://teslamotors.com are good for the environment, but not for data protection. Because when it comes to the implemented security precautions, the electric cars can be hacked just as easily as any conventional computer. The US security expert Nitesh Dhanjani comes to this sobering conclusion after he subjected his own Tesla "Model S" to a comprehensive security check. According to this, malicious cyber criminals only have to crack a six-digit password in order to gain easy and convenient access to the door locks via the corresponding online account, to find out the current location or to read the current battery charge status.
Tesla Model S: Hackers have an easy game (Photo: teslamotors.com)
Life in danger
"Today we have completely new ways of gaining access to our cars. Hackers can use this to their advantage," warns Dhanjani on his blog http://dhanjani.com . Because of the built-in internet technologies, the risk of falling victim to a hacking attack is basically just as great as with a normal computer. "The safety standards for cars should be much higher than for an average laptop. Cars are not only much more expensive, a loss of control can even endanger life in a car," emphasizes the expert.
"The integration of internet technology is a trend that has advantages and disadvantages," says Max Lang, chief technician at the ÖAMTC http://oeamtc.at , opposite press text clear. "If the manufacturer's wishes go well, cars can in future be monitored in such a way that, for example, the driver is automatically sent a warning if his brakes are too worn," explains the expert. However, increasing networking also harbors dangers. "Hackers can penetrate wherever data is exchanged over the web," says Lang. There is no one hundred percent protection. "A six-digit password is certainly not sufficient as a protective measure," said the ÖAMTC technician.
Extensive security check
In the case of Tesla's Model S, it is evident that cyber criminals are making it particularly easy to gain illegal access. According to security expert Dhanjani, who has such a car in his garage, it is enough to crack a simple six-digit password to be able to operate the electric vehicle's door opener with the associated mobile phone app. "After I saw that everything at Tesla is handled using a simple central password, I decided to test the system extensively," he says, describing his motivation.
The result was not at all satisfactory. Even after he tried 150 times to gain access to the car using an incorrect code, the system did not block him. "This opens the door to hackers who can use so-called 'brute force attacks' to run thousands of possible passwords per second," explains Dhanjani. "Tesla urgently needs to improve this, because other automakers are also inspired by the developments there and the problem could thus expand dramatically," the expert concluded.
(ck)
.