Exploits & Vulnerabilities
Two Security Researchers Hack Tesla Car Using a Drone
The exploit called TBONE targeted most Tesla Model 3 vehicles. According to the hackers, it attack the ConMann connection to remotely access the cars' infotainment systems.
Save to Folio
Two security researchers managed to hack and remotely access parked Tesla vehicles. The duo released their findings last May 4, 2021, with a detailed description of how they compromised parked Teslas and controlled the infotainment systems over WiFi using a drone.
Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH found vulnerabilities in Tesla systems' open-software source component, ConnMann. Once hacked, the researchers could pretty much do anything on the Teslas.
Weinmann and Schmotzle added that they could also open the autonomous vehicles' doors and trunks, change the seat position, and modify the steering and acceleration modes.
The duo targeted the fact that modern Teslas, such as the Model 3, automatically connect to Tesla Service, a wireless network. They hacked into the ConnMan internet connection, accessing the cars' infotainment system.
However, the researchers said they couldn't directly control the vehicles' driving systems.
Weinmann and Schomtzle called their exploit TBONE, which they hoped to showcase at the 2020 , a hacking competition that Trend Micro's Zero Day Initiative has sponsored since 2007 to secure the connected world.
But since the contest got cancelled, the duo decided to contact Tesla and share the findings, informing the company of the vulnerabilities.
Tesla has since released a patch for the hack using its over-the-air software update ability.
In November 2020, Consumer Watchdog also listed Tesla as the "world's most hackable car". According to the report, despite Tesla's claims about their connected cars' security, a hacker was able to access the company's fleet and remotely control the safety-critical system of every car.
Due to the arrival of 5G, connected cars are evolving a lot more quickly. Demand is also on the rise. The market is predicted to grow by 10.4% in sales by 2026, according to ABI Research.
However, this growing demand means countermeasures should be taken to ensure the security and safety of connected vehicles, drivers, and passengers.
As a leading cybersecurity solutions company, Trend Micro has done and various studies, looking into the risks associated with connected cars.
To learn more about such threats and how they can be mitigated, read the white paper entitled “Cybersecurity for Connected Cars: Exploring Risks in 5G, Cloud, and Other Connected Technologies”, identifying and providing insights to various prevention techniques against such security risks.