Tesla made a statement with the launch of Sentry Mode and TeslaCam that safety will be a top focus for its consumers. However, security experts and consultants suggest that the Tesla Model 3 and Model Y may be easily hacked.
Sultan Qasim Khan, an experienced security expert at NCC Group, demonstrated the attack to Bloomberg. A hacker transfers data using two small hardware devices. Khan placed one relay device around 15 yards away from the Tesla owner’s smartphone or key fob and another near the car, connected to his laptop, to unlock the vehicle.
Khan produced custom computer code for Bluetooth development kits, which can be obtained online for less than $50.
According to the NCC group’s research, relay attacks against the Model 3 were effective, with up to 80 ms of round-trip delay artificially induced over the basic level of latency provided by the relaying tool over a local Wi-Fi network.
Attempts to contact the world’s largest electric vehicle manufacturer were futile. Tesla said that they would have to repair the car’s hardware and dismissed the problem as minor. The corporation made no formal statement.
The NCC group’s suggestions to Tesla included making consumers aware of the hazards of BLE relay attacks and recommending them to use the PIN to Drive feature, which was purportedly intended to combat the problem in 2018. Deactivating passive entry might also be beneficial.
Tesla seems to be passively addressing the issue, as it upgraded models released in 2019 and after with a newer version of Bluetooth and an HW clock that reduced the time required to unlock the device.
This issue, however, is not unique to Tesla; it demonstrates the flaws in the Bluetooth Low Energy (BLE) protocol, which is used to connect devices and must be addressed properly.
Sign up for our newsletter to get the best of The Sized delivered to your inbox daily.
