Researchers Hack A Model S, Tesla Sends Out Over-The-Air Fix

When it rains, it pours.

After it was announced last week that cars from both Chrysler and GM had major security vulnerabilities, two security researchers announced that they had figured out a way to take control of certain components inside Tesla’s flagship Model S line, according to the Financial Times.

The hack is being demoed tomorrow at Black Hat’s computer security conference by Kevin Mahaffey, co-founder of the security firm Lookout, and Marc Rogers, principal security researcher at CloudFlare.

After physically connecting a computer to the car via an Ethernet cable, Mahaffey and Rogers had access to certain systems in the car, and were also able to leave behind a Trojan Horse to allow for remote access.

The most notable exploit discovered by the researchers was the ability to turn off a Model S. If the car was going under 5 MPH, this would initiate the brake and cause the car to suddenly stop. However, if turned off while traveling faster than 5 MPH, the car just switched to neutral, presumably leaving the driver able to safely navigate to the side of the road.

The bright side is that both researchers have been working with Tesla for several weeks on software fixes, and today the company rolled out an OTA (over the air) update to automatically update the car’s software, which will patch these vulnerabilities.

The company’s method of wireless updates lets it push new software to its cars over a Wi-Fi or cellular connection, which is still a new experience for the automotive industry.

This method is a stark contrast to how Chrysler is handling its security patch: by shipping 1.4 million USB drives to all affected owners. This technically means that some of Chrysler’s cars will still be vulnerable to remote takeover until all 1.4 million owners manually plug in the drives.

As more vulnerabilities are discovered in car systems, expect to see automotive manufacturers place a higher priority on things like information security and vulnerability testing. Notably, Chris Evans, former head of Google’s Chrome Security team, tweeted yesterday that he will be joining Tesla to lead the security team.

A Tesla spokesperson gave TechCrunch the following comment on the exploit and subsequent patch.

Our security team works closely with the security research community to ensure that we continue to protect our systems against vulnerabilities by constantly stress-testing, validating, and updating our safeguards. Lookout’s research was a result of physically being in Model S to test for vulnerabilities. Tesla has taken a number of different measures to address the effects of all six vulnerabilities surfaced. We’ve already deployed and developed an update to all Model S customers through our over-the-air system for the vulnerabilities they surfaced. And, we continue to develop further ways to harden our systems, informed by ongoing discussions with the security research community, as well as our own internal analysis.