Tesla makes security fixes after Model S remotely hacked

Photo courtesy Tesla Motors

PALO ALTO, Calif., Sept. 21 (UPI) — Tesla has made a software update after Chinese security researchers said they successfully took control of a Model S sedan remotely in driving and parking situations.

The automaker of the all-electric car said in a statement Tuesday the bugs were fixed one day after cyber-security researchers with China’s Tencent Holding reported their findings on their blog.

The Keen Security Lab gained remote control by hacking into an onboard computer system known as a CAN bus.

The researchers posted a demonstration on YouTube in which they engaged the moving car’s brake from 12 miles away. In another demonstration, a researcher used a laptop in the car to turn on its windshield wipers and open the trunk while the car was moving.
Also, while the car was parked, they opened the sunroof, controlled some of the vehicle’s lights and unlocked the doors.

Tesla said it released an over-the-air software update on its vehicles within 10 days of learning about the bugs and owners did not need to take their cars to the dealer for the fix.

“The issue demonstrated is only triggered when the Web browser is used, and also required the car to be physically near to and connected to a malicious WiFi hotspot,” the company said. “Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.”

Tesla has asked software experts to test security of their products.

“We commend the research team behind today’s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research,” the company said.

The company pays from $100 to $10,000 per bug reported.

Last year, Fiat Chrysler recalled 1.4 million U.S. vehicles to fix onboard software bugs uncovered by two researchers who gained remote control of a Jeep traveling at high speeds. The video was posted online.

Unlike the Tesla cars, Chrysler owners had to contact the company for a USB stick with the update.

LEAVE A REPLY

Please enter your comment!
Please enter your name here