Why is Tesla upgrading its software security?
A group of Chinese security researchers from Keen Security Labs were able to tap into various functions of a Tesla Model S. They performed various testing experiments which included moving the sunroof, activating seat controls and turning on steering lights.
Then, they proceeded to hack directly into the touchscreen of the Sedan replacing the UI with their logo (which also appeared on the car’s control panel) and later into the car’s more vital functions. They unlocked the doors, activated the brake system and lifted the trunk—the last two were performed while the vehicle was moving.
The experts also managed to fold the rearview mirror and turn on the wipers, all while driving. They released a video of the complete hack on September 21.
Tesla issued an online fix
This remote hack has prompted Tesla to upgrade its software quickly, but cyber-security in automobiles has always had problems. It is something Tesla knows very well.
In March this year, a hacker named Jason Hughes broke into his own Tesla and reportedly disclosed a new model that had not been yet announced to the public. He later reported the company itself had punished him by downgrading his car’s firmware.
Ten days after receiving the hacking report, Tesla released a software update. The cars automatically received the update. A Tesla spokesperson told Bloomberg Technology that their “realistic estimate” regarding consumer risk was “very low,” though this did not stop them from “responding quickly.”
What do you need to hack a Tesla Sedan?
New risks for consumers usually accompany new technologies. The transition from wired technology to a wirelessly connected world exposes people to new kinds of threats.
However, TechCrunch said there were many elements for the Chinese hackers to access the system. For instance, the car was using a malware infected hotspot.
The hackers were very close to the vehicle, and it would not have worked if they happened to be a little farther. Also, the hackers need the Sedan’s web browser running to access the car’s systems.
Source: Fortune