Report: Tesla Is The Most “Hackable” Car

When it comes to the easiest car to hack into, Tesla is the most “hackable” according to the nonprofit, nonpartisan Consumer Watchdog group. It recently released a video showing how a box it built with the help of technologists could hack into the wireless connection of a Tesla and take over the screen with a "This Tesla's Been Hacked" message.

The group said the demonstration showed how vulnerable the wireless connection in the cars is– by amplifying the signal it could work on many vehicles simultaneously, a large-scale hack. Once in control of the screen, a hacker could suggest malware be downloaded, potentially giving them access to the car's operation and control over the vehicle, or otherwise sabotage the car.

The video was released in conjunction with Consumer Watchdog’s new report: "Connected Car Report 2020: The Models Most Open To Hacks," in which it reviews the "Hack 10" of top selling cars. Read the report here.

The report found that all of Car and Driver's top 10 best-selling cars for 2020 have features that allow wireless connectivity with safety critical systems and no known way to disconnect those systems. The group says this leaves the vehicles vulnerable to an unprecedented, large-scale hack.

"The 2020 fleet is wired for remote start options that connect to safety critical systems wirelessly and leave these cars vulnerable to fleet wide hacks," said Jamie Court, president of Consumer Watchdog. "The remote start capability is accessed through the same digital systems that control steering, acceleration, and braking -- potentially giving hackers control over those as well. Automakers acknowledge to their shareholders that their designs are very vulnerable to malicious hacks at the same time as they promote their wireless start features to the public as a panacea. If Consumer Watchdog can hack a Tesla's wireless connection from outside the vehicle, imagine what mischief a hostile foreign actor could do with exponentially more resources."

To prepare its "Connected Car Report 2020," Consumer Watchdog reviewed technical specifications and surveyed dozens of sales departments and service technicians at major car manufacturers.
The nonprofit group found that many dealership employees misrepresented that the safety-critical systems of top selling models are linked online and the dangers of such connections. None of the cars came with an apparent method to disconnect the car from the wireless connection.

When safety critical systems – brakes, engine, steering – are connected wirelessly there is the possibility of that connection being hacked on a fleet-wide basis. This danger is outlined in Consumer Watchdog's previous report, "Kill Switch: Why Connected Cars Can Be Killing Machines and How To Turn Them Off."

The group reserved its grand prize of "Most Hackable Car" for Tesla based on its history of hacks, outlined in the "Connected Car Report."

For example, in July 2017, Tesla CEO Elon Musk professed that the biggest danger of autonomous car technology was a "fleet wide hack." According to Consumer Watchdog, in August 2020, it was reported that just months before that 2017 statement Tesla had faced a fleet wide hack, but failed to reveal it to the public or regulators. Instead, it paid the discoverer of the problem to keep the incident quiet. Read the story here.

The company also faced a series of hacks by Keen Labs, a prolific hacker group based in China.

Unlike "white hat" hackers that disclose their findings privately to the company in exchange for payments, called bug bounties, Consumer Watchdog did not contact Tesla about the vulnerability it found. The consumer group said that the point of the hack was to show that Tesla's failure to commit to security by design puts the public at risk and it should have to face that fact in the light of public scrutiny.

Tesla has dismantled its North American public relations department and does not even have a liaison to the public to address safety concerns.

Consumer Watchdog tweeted at Elon Musk "Hey Elon. Hacked your Tesla. Can you figure out how?"

"Elon Musk will either figure out how we hacked the Tesla and patch the problem or he can drive his Tesla down to our office and we will show him how we did it in person on his car," said Court. "The point is that Tesla's system is insecure by design and puts the public at risk. Musk and the car industry need to pay attention to the risks. As we say in the video, we could have amplified the signal and performed the same hack on many Teslas simultaneously. It is inherently dangerous to have unsecured wireless connections to safety critical systems in cars."
Related Articles
Special Thanksgiving Message From Jerry Reynolds
To educate yourself for the feeling of gratitude means to take nothing for granted, but to always seek out and value the kind that will stand behind the action. Nothing that is done for you is a matte... More ›
Holiday Shoppers: Be Careful Parking At The Mall
When it comes to hitting the shopping mall during the holiday season, it can be a real jungle out there. Parking lots are accidents waiting to happen as they fill up with cars and people, including th... More ›
Black Friday Auto Sales/Last Weekend of November
While shopping on Black Friday can be a stressful, tiring, and downright frightening thing to do, consumers will find some great deals on one of the biggest purchases they'll ever make: a new car.
... More ›
10th Annual Toyota Dream Car USA Art Contest Is Underway
Calling all budding car designers. Toyota’s Dream Car USA Art Contest is now underway. It’s a chance for youth aged 4 to 15 to design their dream car and perhaps win an award while they are at it. T... More ›
There haven't been any comments left on this blog yet. Be the first to add one!.