A Simple Password Hack May be a Key to Hijacking Tesla Electric Cars

April 11, 2014

Experts have warned that there is a possibility for Tesla electric cars worth $100,000 to be hijacked using a simple password hack. A six-digit password can be used for accessing the car’s system. Security experts have further claimed that the six digits can be cracked easily and this would allow hackers to access the electronic systems of a car. In this way, these hackers can use a remote sensor to not only track, but also unlock cars.

During a presentation at a security conference in Singapore, a corporate security consultant, Nitesh Dhanjani, said that cars cannot be protected in the same way as computers or workstations. Dhanjani went to further claim that the findings obtained had been passed on to Tesla. Patrick Jones, the Tesla spokesman did not give any comment regarding the findings. However, he said that the automaker would make a thorough review on the research and findings regarding security issues.

Jones said that the automaker is committed towards protecting its systems and products against vulnerabilities. It has an experienced team comprising of information security experts. The automaker continues to work collaboratively with security researchers while encouraging them to communicate via a reporting process that is responsible. To drive Tesla’s Model S, a key fob has to be present. The car can however, be unlocked through a signal that is transmitted over the Internet wirelessly.

Dhanjani further added that in case there is hacking or stealing of a password, a person could not only locate, but also access the car and steal contents. Other than that, the car cannot be driven by a hacker. It is fundamental for users to open an account using a six-character password as the security. The account needs to be set up when the car is ordered. The password in question is used for unlocking a phone application and accessing the user’s Tesla account over the Internet.

The mobile application is freely available and serves a remote sensor for locating and unlocking the car. The application can also control other car functions. Evidence has shown that the password is susceptible to a wide range of attacks that are the same as those used to access an online account or computer. An attacker can easily make password guesses through the online Tesla website. Apparently, there are no restrictions to the number of wrong login trials. Password-stealing viruses can be used by attackers in attempting to access the password from the user’s computer. Dhanjani concluded by saying that the fact that $100,000 car should be depending on a six-character password is a big issue of security concern.



Filed under: All Posts,Electric Cars

Tags: , , , , , ,

Leave a Comment


(required), (Hidden)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

TrackBack URL  |  RSS feed for comments on this post.

Back to JuicedHybrid.com



RSS AutoBlogGreen Feed


April 2014
« Mar   May »


Back to Store