Tesla, the hi-tech company that happens to make a few cars, recently found itself on the wrong end of an IoT hack that allowed attackers to remotely control certain aspects of its electric cars.
Considering that Tesla and founder Elon Musk are both high-profile targets, and considering that every vehicle they ship has a dedicated cellular backhaul connection that is known to be able to control every aspect of the car, it's not surprising in the least that hackers (good and bad alike) are targeting the platform. And in fact they've faced this problem before (for example, back in April 2014 when it was found that the doors could be unlocked remotely by an attacker).
But the attack put forward at the 2015 Defcon security conference highlights both the strengths and weaknesses of the current platform's security strategy:
They hit many dead ends — the report notes 90% of their presentation was dedicated to the walls they ran into — until finding a mysterious Ethernet port that they used to access the car's network which allowed them to connect to Tesla's virtual private network (VPN).
With physical VPN access, the hackers downloaded and decompiled the car's firmware, pointing them in the direction of an insecure folder of passwords. The hackers then spoofed the Wi-Fi network at Tesla service centers (which the car is automatically designed to connect), giving them access to a piece of software called QtCarVehicle, which controls all the vehicle's functions.
So while this particular attack is somewhat impractical, it does point out that even the most secure and technically adept IoT companies may find themselves in the security hot seat, particularly as their devices gain traction in the marketplace (hackers love juicy targets). Tesla, to their credit, has already put together an OTA patch for the flaw, and has introduced a bug bounty program that encourages other security researchers to find and disclose flaws in their software. That's certainly a far cry from what most automakers have done so far.
RSS feed for comments to this post