A German teen hacker managed to get unauthorized access to 25+ electric vehicles manufactured by Tesla. The cars were located in more than ten different countries around the world. The cyber security enthusiast connected with one of the drivers, who allowed him to remotely honk the car’s horn. The hacker used Tesla’s bug bounty program to report the issue to the Texas-based car giant but could not get Tesla’s attention quick enough, so he disclosed part of the vulnerability on Twitter and in interviews to the press.
Elon Musk’s morning got likely better when the hacker said that the issue he found would not allow him to gain complete remote control of the cars. Instead, the security flaws would only let the hacker perform less dangerous tasks such as locking and unlocking the windows and the doors. The teenager also reported that he could disable the cars’ security systems and turn the car’s radio on and off.
He was also able to play YouTube music onboard the breached electric vehicles. The security fault would also let the teen hacker turn the car’s lights on and off. All done remotely, while he is located thousands of miles away from the cars. The teenager was also able to see whether a driver was present in the car and was also with access to info showing the vehicle’s precise location. He said he could unlock the doors and potentially start driving the affected Teslas.
The security flaw was discovered in a third-party software used by Tesla drivers that Fortune magazine says is operated by a “relatively small number of owners.” The cyber security enthusiast said that he took his findings to Twitter as he was frustrated that there was no quick way to notify the Tesla owners about those vulnerabilities.
The hacker pointed out that the vulnerability must be considered an owner’s fault but not an issue of the infrastructure of the Tesla electric vehicles. He also encouraged manufacturers to leave the internet out of critical tech. Connecting anything to the internet opens doors that hackers can use to get unauthorized access. Cars, refrigerators, coffee machines – all types of equipment could be affected by potential hacks or user errors when connected to the internet.
Electric cars are often dubbed as computers on wheels and in the future, and as such, they would require the same number of precautions as regular computers. While there is no antivirus software for Tesla cars yet, users can protect mobile devices, as hackers often use those as gateways to exploit other tech products’ vulnerabilities.