At the Black Hat security conference later this week, an Australian security researcher will reveal a method for wirelessly unlocking a car with nothing but some radio equipment and ingenuity. It’s not an easy hack, and there are a lot of caveats. But it’s certainly a lot easier than it should be. See for yourself.
Silvio Cesare, the car-hacking security researcher, explained the whole technique to Wired recently. It basically involves tricking the car into thinking that it’s being unlocked with the standard wireless key fob, when really it’s being pinged with a signal from a software-defined radio attached to a laptop. The radio first finds the frequency that the key fob is using and then cracks the specific mode of encryption using a brute force attack. As Cesare very clearly shows in a video of the exploit, the car pops open after a few keystrokes.
Again, this is not something the teenage kids down the street are going to start doing after school. First of all, it requires about $US1,000 to buy the necessary radio, antenna and amplifier. Then, the whole process of finding the right frequency and cracking the code can take up to two hours. And then the attacker would also need to intercept the signal from the actual key fob in order to get a special car-specific portion of the code. That’s a lot of equipment, and steps, and what-ifs. But it’s not entirely improbable.”If someone’s parked their car in a garage overnight, something like this is definitely plausible,” he told Wired.
Whether this specific sort of exploit is a huge problem is up for debate. Cesare only tested the technique on his own car, a decade-old sedan. However, in the context of the many, many other wireless car hacks, it’s becoming increasingly clear that cybersecurity on the road is too often overlooked. Heck, if a hacker can fire up a care wirelessly and then control it from 2400km away, something’s not right. Other new car-hacking tools seem to pop on the web every other week or so. Things get scary when the serious security companies start experimenting too.
The good news is that you can avoid becoming a victim to this specific kind of hack by simply using your manual key. The key fob is convenient, sure, but it also exposes a vulnerability to the car’s security system that could get your stereo jacked — or your whole car. So if in doubt, just take the old-fashioned route and unlock the door with a key. [Wired]
Picture: Shutterstock / Kekyalyaynen