IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Security researchers take control of a Tesla via drone

Cyber security researchers found a way to unlock the car doors with a Wi-Fi dongle

Tesla factory

Last week at an IT security conference, a pair of cyber security researchers demonstrated how they could unlock and open a Tesla’s doors using only a drone outfitted with a Wi-Fi dongle.

They were originally going to demonstrate this at last year’s Pwn2Own hacking competition, but that contest got canceled due to the COVID-19 pandemic. So, they presented it at this year’s CanSecWest conference instead.

You can view the German cyber security experts’ presentation via a 40-minute-long YouTube video. If you want to skip to the action, you can head directly to the 36-minute mark to see them unlock the Tesla.

The hack shouldn’t be possible today, the researchers explained, because the security flaw they exploited got fixed with a software update last October after they informed Tesla about it. However, the researchers said other automakers might have the same vulnerability in their operating systems.

In their presentation, the researchers said they exploited vulnerabilities in ConnMan, an open source software component produced by Inte that functions as an internet connection manager for embedded devices. 

The researchers discovered they could exploit this flaw to take control of a Tesla’s infotainment system. From there, they could do anything a driver could do by pressing the buttons on the car’s console, including unlocking the doors and trunk, changing seat positions, playing music, and controlling the air conditioning.

Related Resource

The definitive guide to IT security

Protecting your MSP and your customers

The definitive guide to IT security for MSPs - whitepaper from LiongardDownload now

However, they couldn’t start or drive the car.

In the video, they use a drone equipped with a Wi-Fi dongle to remotely hack into a Tesla Model X’s infotainment system. They said this technique worked on Tesla S, 3, X, and Y models from up to 300 feet away.

The really concerning part is that other automakers besides Tesla use ConnMan software. An improved version of ConnMan came out in February, the researchers said, but it’s not clear how many automakers are using it.

Of course, this isn’t the first time hackers or cyber security researchers have targeted Tesla or its vehicles. In March, hackers breached more than 150,000 security cameras at Tesla and internet security provider Cloudflare. Last year, McAfee researchers used a two-inch strip of tape to trick Tesla autopilot systems into accelerating their vehicles 50 mph above the speed limit. Finally, in 2018, security researchers discovered Tesla keyfobs were vulnerable to spoofing attacks that would allow attackers to steal a Tesla simply by walking past the owner and cloning their key.

Featured Resources

Big data for finance

How to leverage big data analytics and AI in the finance sector

Free Download

Ten critical factors for cloud analytics success

Cloud-native, intelligent, and automated data management strategies to accelerate time to value and ROI

Free Download

Remove barriers and reconnect with your customers

The $260 billion dollar friction problem businesses don't know they have

Free Download

The future of work is already here. Now’s the time to secure it.

Robust security to protect and enable your business

Free Download

Recommended

Cyber security in the retail sector
cyber security

Cyber security in the retail sector

28 Sep 2022
Cyber security in manufacturing
Whitepaper

Cyber security in manufacturing

28 Sep 2022
CIO Priorities: 2020 vs 2023
Whitepaper

CIO Priorities: 2020 vs 2023

23 Sep 2022
The future of work is already here. Now’s the time to secure it.
Whitepaper

The future of work is already here. Now’s the time to secure it.

21 Sep 2022

Most Popular

The human brain is far more complex than AI researchers imagine
artificial intelligence (AI)

The human brain is far more complex than AI researchers imagine

17 Sep 2022
How to secure your hybrid workforce
Advertisement Feature

How to secure your hybrid workforce

23 Sep 2022
What your hybrid workforce needs from their laptops
Advertisement Feature

What your hybrid workforce needs from their laptops

21 Sep 2022