Software vulnerabilities in Tesla’s Model S cars have allowed cybersecurity experts to completely take over the vehicle’s electronic system and even shut down the car remotely. The company already introduced a patch for the discovered bugs.
Marc Rogers, principal security researcher at Cloudflare, and Kevin Mahaffey, chief technology officer of Lookout, managed to gain remote control of the Model S after initially tinkering with the vehicle’s electronic system.
Using the hidden cable installed in Tesla cars for maintenance and technicians to fix flaws, the security experts were able to search for flaws in software. They tricked the system into thinking their laptop was the car itself and eventually got administrative access to the vehicle.
“We spoke to Tesla as the car, and essentially requested permission for more information,” Rogers told NPR. “Once we had that foothold, we then took over all the computers in the car.”
Once full access was gained, they were able to control Tesla remotely. The cybersecurity analysts built themselves a backdoor to perform any action available to the car’s owner via the Tesla’s s touch screen or smartphone app.
According to the blog explanation of the hack by Mahaffey, the Tesla Model S can be brought to a complete halt at speeds of less than five miles per hour by remotely sending out commands to apply the emergency hand brake. At higher speeds, the vehicle shuts off its engine but “gracefully” allows drivers to control steering and braking before the car eventually stops.
The computer experts were also able to control the speedometer to display the wrong speed, lower and raise the windows, lock and unlock the $100,000 car.