Keyless car systems are easy booty for hackers

Keyless car systems that allow the driver to access into the car and start the engine without placing the key in the lock and the starter are extremely popular even in small-duty vehicles. Almost all premium models offer such systems in their standard equipment. A survey by the German ADAC, however, shows that these systems are extremely vulnerable to hacker attacks and to an alarming degree.

The technicians chose 237 cars with a keyless entry system and found that 230 of them are vulnerable to attacks where the thief can unlock the vehicle and put the engine in front without having the key. 

These attacks are called “relay” and in fact intercept the signal that emits wirelessly and intact the key, they reinforce it as they are physically weak for obvious reasons and in this way they “convince” the vehicle that the key is close to it. Beyond that, and after the thieves have gained access to the cabin, they can do what they want, and naturally, in this category falls the theft of the whole car!

The 97% rate is frightening and if it proves something, it is that manufacturers do not take the issue of safety seriously. Consider that “relay” attacks are feasible with devices that are sold freely on the Internet and at a particularly low price!

It is worth mentioning that out of the 7 cars left at 4, the hackers were able either to unlock the vehicle or to start the engine but not both, while only 3 proved to be resistant to the attacks. Note that all three models were Jaguar-Land Rover!

Read more :

What can owners do? ADAC advises that wrapping the keys of such systems with aluminum foil does not ensure their protection, as even the smallest gap may allow the signal to “escape”. All they can do is learn if the keyless system can be turned off. 

A measure that undoubtedly helps but does not have to do with owners, is implemented by BMW and Mercedes-Benz that added motion sensors to their keys. In this way, they ensure that the key emits a signal only when it is moving so the thieves can not clone their signature as long as it stays “static” at home.

source

Leave a Reply

Your email address will not be published. Required fields are marked *