A total of six vulnerabilities were found in the Model S’s software, but the duo said they were found after they had physical access, The LA Times reported.
Advertisement
“We shut the automotive down when it was driving initially at a low velocity of 5 miles per hour”, the newspaper quoted Rogers as saying. Rogers said that all the screens went dark, the music switched off and handbrake came on that ultimately stopped the vehicle.
The researchers, Marc Rogers of Cloudflare and Kevin Mahaffey from Lookout, discovered that the vulnerabilities could be exploited, with hackers handed the ability top shut off the vehicle and make it suddenly stop. Apparently, anybody who has physical access to the interior of the Model S can inject malware into the system that gives that individual complete control.
“We are building more validation vehicles, executing final engineering and testing work, enabling our new manufacturing equipment and finalizing arrangements with our suppliers”, Tesla Motors (NASDAQ:TSLA) CEO Elon Musk said in the letter. They also cut off the transmission and disconnected the brakes.
In a press release, Tesla stated the hackers didn’t flip off the automotive remotely, however from contained in the auto.
Despite Tesla’s powerful security, the researchers probe still unearthed certain vulnerabilities with the company’s system.
After plugging a laptop into the network cable behind the dashboard on the driver’s side of the Tesla, the researchers were able to plant a Trojan on the car’s network which allowed them to later power down the engine once they were no longer physically connected.
One way to bolster a car’s security is by increasing the protection around individual components, and that way preventing a hacker from using one compromised system to access another. Cars will automatically receive software updates over their existing wireless Internet connections on Thursday, the company said.
“This week, news surfaced that Fiat Chrysler did not inform US regulators of a severe software flaw in Uconnect-equipped vehicles which could allow attackers to remotely control cars”.
However, unlike other automakers, Tesla has proper systems in place to fix such bugs and provide regular software updates to its vehicles.
Advertisement
“Our research confirmed that Tesla indeed made a number of excellent security decisions in the design of Tesla Model S”, Mahaffey wrote.
