Tuesday, 13 December 2016

Keyless entry hack makes millions of modern cars vulnerable to theft



Credit: Pic Click CA

As computerised facilities are added to motor vehicles, they create new avenues for the security of those vehicles to be breached. Keyless entry is one such avenue.

Recently hacks have been uncovered which allow entry to vehicles & even the capability drive them away. Vulnerable vehicles include the 2017 Toyota Camry, 2016 Chevrolet Impala, 2015 Ford Edge, & 2013 Volkswagen Jetta Hybrid.

Wired
https://www.wired.com/2016/08/oh-good-new-hack-can-unlock-100-million-volkswagens/

Slash Gear
https://www.slashgear.com/keyless-entry-cars-can-be-stolen-with-this-new-mystery-hack-11467097/

PDF of the Garcia & Oswald paper is available at:
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_garcia.pdf
/ cars more reliant computers operating systems engines ways drivers interact with them susceptible to hacks software-based attacks USA National Insurance Crime Bureau NICB identified new tool allow thieves unlock cars equipped with keyless-entry keyless entry keylessentry start engine drive off drive away mystery device NICB non-profit non profit nonprofit organization insurance industry third-party security expert overseas Europe rare reports official police reports identifying the device source car theft Los Angeles Times reports device two components driver parks locks their vehicle thief standing nearby amplify the signal sent from the key fob locked signal tricks vehicle into thinking it’s the key fob cars outfitted keyless ignition unlocked started and driven informal testing NICB cars vulnerable to the hack 2017 Toyota Camry 2016 Chevrolet Impala 2015 Ford Edge 2013 Volkswagen Jetta Hybrid NICB Relay Attack unit tool car manufacturers test network security vehicles no way to combat such a device not easy to come by plenty of other methods hacking keyless-entry systems Hack unlock steal University of Birmingham computer scientist Flavio Garcia and a team of researchers were preparing to reveal a vulnerability that allowed them to start the ignition of millions of Volkswagen cars and drive them off without a key Flavio Garcia Senior Lecturer in Computer Security Senior Birmingham Fellow School of Computer Science University of Birmingham /