Gone are the days of only being able to hack into ATMs and underground smart grid.
Thieves have graduated from stealing cars with the old-fashioned coat hanger to wirelessly hacking into vehicle smart keys. And worst of all, it’s done without leaving a trace. No broken windows or bodgied locks from forced entry or old-school hotwiring techniques. There are no signs of hacking in the slightest form.
Cars equipped with passive keyless entry and start (PKES) keys, AKA modern smart keys, use radio frequencies to allow drivers to unlock and even start a vehicle’s engine without turning a key. According to recent European research, these systems are capable of being hacked quite easily. So the security of expensive modern vehicles is on par with the security of vulnerable PCs at home.
Swiss security researchers from ETH Zurich University conducted an experiment by examining the protection of 10 car models across eight manufacturers. Surprisingly, they were able to gain entry into all 10 cars and drive away with them by simply intercepting and relaying signals from each car and their wireless smart key.
Although it was possible for the researchers to relay signals from the smart key back to the car as well, they often didn’t need to since the key can transmit signals up to approximately 100 meters. And this worked, no matter what protocol or cryptology was used by the car manufacturer.
Depending on the electronic and attack strategy employed by the Swiss researchers, the required equipment to hack into a car’s smart key can be bought for as little as $50, with a maximum cost of $1000 depending on the electronic and attack strategy employed.
Additional security recommendations were made by the researchers, including manufacturers adding button-on wireless key fobs, which can disable the communication between a smart key and car. The researchers also urged car owners to remove the smart key’s batteries or place it in a carry box to block electronic signals. Until security is further improved, maybe the best option is to go back to using an old-fashioned key.
The content, thoughts and opinions stated in this article are of the relevant contributors. Buzz Insurance do not necessarily share or endorse those opinions. Neither Buzz Insurance nor any of its employees makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, product, or process disclosed.
