Hackers have found a way to access Tesla vehicles and can control them from 12 miles away.
Tesla Model S is a full size, electric car with autopilot features produced by Tesla Motors. Boasting a 265-mile battery pack, 0-60mph in only 2.8 seconds, and a system fully controlled by the 17-inch touchscreen on the dashboard, it is the most advanced car of its kind.
Advanced as they may be, Tesla touchscreens have been targeted by Chinese hackers, using exploits to gain control of various parts of the vehicle such as activate brakes, unlock doors and fold mirrors from up to 12 miles away. Mark James, ESET IT Security Specialist, looks into the threat Tesla face and how they should deal with this.
What must Tesla do to prevent future breaches?
“Tesla will continue to invest and work very hard in making their cars as secure as possible.
“When it comes to software there is always the possibility of it being compromised, no matter how good you think your code is.
“The key differentiator here is how quickly you listen, change and modify any confirmed flaws found through bug bounty type programs, get them rectified and then push these out to all affected.
“More and more cars are going to be connected, but unlike your desktop machine, if it becomes compromised it’s not just money that could go missing. These types of security incidents, in the worst case scenario cause harm or even loss of life.
How big a threat is cyber security with regards autonomous cars?
“It’s a very real threat and one that should be treated with the utmost respect. Interconnected cars will be as common as getting your latest social networking fix wherever you are on the move these days, but it comes with a real danger.
“The potential is huge if something goes wrong at speed and even the simplest of things could cause the driver to become distracted and be the cause of a road traffic accident.
“When we drive we expect to be in total control of our own vehicle, and mirrors or windows moving, braking or even sudden sounds internally could all be the cause of taking our eyes off the road for the shortest of times and that could prove to be fatal.
Are developers and manufacturers doing enough to deliver secure software?
“Delivering secure software is a constantly changing factor, as what is considered secure today may not be secure tomorrow.
“The ability to modify and push our updates is important; making sure the user is well aware of any updates and making it easy for them to be applied needs to be top of the list when it comes to protecting the users of these types of vehicles.
Can drivers do anything to improve vehicle security?
“The biggest single thing here is making sure you have applied all patches relating to security that are available for your vehicle, even if you think its unrelated or does not affect you. It may be an avenue for attack, so keeping your car up to date is even more important than keeping your desktop computer updated.
“It’s important to make sure you keep your details up to date to enable the manufacturer or supplier to contact you if any urgent modifications need to be done that cannot be pushed over-the-air.
With autonomous vehicles on the rise, do you think the software will still be targeted?
“Yes, there is no perfect world when it comes to software. You can be 99% safe and protected, but there will always be the slimmest chance of a hack that the developer of the software never intended possible.
“The best you can hope for is fully up-to-date software and relying on the ability of the manufacturer to do their job to the best of their ability.
How difficult will this be for insurance?
“This could be a nightmare for insurance claims, for the average person trying to prove they were compromised could be very difficult indeed.
Would you drive an autopilot driven car? Let us know your thoughts via Twitter @ESETUK
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.