Sooner or later – you know it had to be sooner, too – it had to happen, the Tesla S, the California electric automaker’s top-of-the-line model, was going to be the victim of hacking.
The $100,000 S, an all-electric that has just about every comfort, convenience or safety item known to modern man (curtain airbags, blindspot warning and the like), was hacked by a group of “white hat” hackers from China’s Qihoo 360 Security. Their aim was to show just how easy it is to hack the S model.
While not revealing exactly how they perpetrated their hack – it likely had to do with either WiFi or Bluetooth technology (more about that shortly) – took over the headlights, sunroof, horn, doorlocks, wipers and horn.
A spokesman for Qihoo noted that all it took was accessing and decrypting a specific six-digit code in their app software and, voila, the floodgate was opened. Qihoo offered to work with Tesla to tighten up security on the S.
“White hat” hackers
While not saying so exactly, the tenor of the announcement from Qihoo, was that they were acting as “white hat” hackers or good guys who were just trying to point out a major security flaw in the software that runs the computerized, electric vehicle.
The Tesla, which apparently uses one of the largest arrays of computers in the car business, is little more than a wrapper for its 17-inch, oversized vehicle display. The touchscreen display acts as the interface between you and the vehicle. Every function is accessed and controlled through the rather large display.
The Qihoo hacker group did their hack at the start of a new conference, the SysCan + 360, a also sponsored by Qihoo. The prize for the best hack of the conference was $10,000, however the Qihoo hackers couldn’t take advantage of the money award since they are employees of the company.
The actual announcement of the hack was made at the social networking site that Qihoo uses, the Sine Weibo social networking site where the company apparently hangs its hat much of the day.
Tesla knew nothing about hack
Tesla didn’t know a thing about the hack, a Qihoo spokesman said. “While Tesla is not associated with the conference and is not a sponsor of the competition (the $10,000 hack contest), we support the idea of providing an environment (with) which security researchers can help identify potential vulnerabilities. We hope that the security researchers will act responsible and in good faith.”
Suffice it to say that while Tesla has not commented publicly yet on the Qihoo hack, they are probably more than a little put out that a company that calls itself a security firm is responsible for the first major hack of their top-line vehicle.
Possible routes for the hack
Although it may seem surprising that a company like Tesla that sells a $100,000 marque is open to hacking, it really shouldn’t be. Indeed, if you know the technologies that Tesla uses for its vehicle control and if you know a bit about radio frequency (RF) technology you can probably figure out how the hackers launched their attack.
In this case, there are two likely routes that Qihoo’s hackers probably used to launch their attack. The first would be Bluetooth and the second would be WiFi.
That probably has set you back on your heels a bit, hasn’t it? Most people do not realize that:
Bluetooth is an interactive radio-based technology.
Bluetooth is a two-way technology.
Think about this for a moment. Bluetooth operates as a Part 97 (FCC) device in the ISM service frequency space from 2.4 GHz to 2.485 GHz. Since it is an RF-based technology, it is relatively easy to set up a transmitter and receiver in a lightly used area of the band, and to keep trying different code combinations until you have hacked through to what you are after. You can then set up your own nearly hack-proof technology to protect the hack you have made.
Likewise, if you are putting your device on the Internet, you will likely be using 802.11 a/b/c/g/n devices. These devices transmit and receive in 11 send/receive channels in the 800, 850, 900, 2100 and 2150 MHz spectrum. The letter at the end of the number determines the frequency.
Again, since it is an RF technology, information is sent and received on specific channels that hackers can identify and use for their own ends. It is possible, since they are portable devices, for hackers to mix and match their transmitters and receivers so they can interact with the devices they need for their hack.
Nothing is hack-proof
In other words, if you are using either Bluetooth technology or WiFi, nothing can really be made hack-proof. This is the likely way that the Qihoo hacker group accessed the Tesla S.
The problem with using this technology automotively is that hackers, bent on doing nasty things, can do some nasty things such as cause brakes to lock up when they should be rolling, causing all sorts of problems or an accident. The same is true of the transmission.
Charles Miller, an independent security expert, said he isn’t surprised that the Tesla was hacked. Indeed, it said it is also too early to tell if the Tesla will be the the target of further hack attacks. He also noted that, as just explained, many people realize just how open Bluetooth or WiFi are.
“I don’t think a lot of people realize that the systems that provide Bluetooth connections or navigation maps” are the same systems used to control physical devices. Since these devices are two-way, he speculated, they can also be used to hack braking and turning. Further, he noted that cars have “relied more heavily on computers” than most devices and now it’s time to figure out how to control them.