Car Hacking: Could It Happen to You?

By Car Accident Help on January 25, 2018 | Posted in: Product Liability

The Oklahoma Bureau of Investigation has reported that statewide, there were 10,169 car thefts in 2015. In Tulsa, there has been a recent wave of auto thefts. These thieves seem to work in small groups, moving through residential neighborhoods after dark. In addition, the thieves use garage door openers from the vehicles with attached garages to access homes, searching for valuables. With more surveillance cameras now in use, many of the thefts can be seen on tape.

According to police corporal Chris Chomosh, far too many residents with a false sense of security are leaving their doors unlocked. He estimates that 15 vehicle thefts occur each day and approximately 85% are recovered—many of them wrecked or fire-damaged.

As cars continue to evolve in technology toward autonomous vehicles, thieves will continue to devise new ways to hack.  But there are a few ways to stop hackers from stealing your vehicle. (Locking your doors is a good idea regardless.) How is it all done?

Basically, hackers can use devices to intercept the signal of a car’s key fob. When successful, they can then unlock the doors and start the engine for a quick getaway.

Key Fob Signal Interception

A family in Florida recently parked a $50,000 Chevrolet Suburban at a resort with 24-hour valet service. The keys never left the valet room; however, the SUV was stolen. Roger Morris of the National Insurance Crime Bureau says that these thieves used a “relay attack,” which intercepts and mimics the signal of the key fob. Morris conducted the process with 35 different vehicles and was successful in 18 attempts. Essentially, the only evidence of the theft is if it is seen on surveillance cameras.

Several days after a Mercedes was stolen in the same area, a BMW X5 disappeared from an English homeowner’s driveway during the night. Video surveillance showed the thieves using some type of transmitter held in a bag, which presumably emitted the signal from the owner’s key fob located inside of the home. One of the men held the bag close to the front door of the home, while the other waited for the car doors to unlock. Ray Anderson, with Classic Security Solutions, explained that key fobs emit a continuous signal that can be detected by the right device. There is typically a way to turn the signal off; however, most people don’t know that.

A group of analysts from a security company in Beijing called Qihoo 360 created a device that hacks vehicle relays as well. It cost them a mere $22 to make. Their design allows for long-range theft: the owner’s key fob can be over 1,000 feet away from the vehicle, a sizeable improvement over the usual maximum of 300 feet. Instead of intercepting or hacking the code, it is copied and then transmitted with a radio to a device that makes the car’s security system think the key fob is there. Qihoo’s representatives say that auto manufacturers and system integrators will need to find ways to prevent such methods of auto theft. They did say that putting your key fob in a Faraday cage, which blocks transmission of signals, typically works well to prevent this particular hack.

Radio Amplification Attack

In Germany, members of an auto club called ADAC developed a wireless hack that extends the range of a vehicle owner’s key fob to unlock cars and drive them away. Their “amplification attack” method worked randomly to unlock 19 out of 24 types of vehicles. The hardware costs roughly $225. ADAC says they are keeping the details of their device confidential so that others do not attempt to replicate it.

They did suggest that most intermediate students of electronics could figure out how to create such a device. Though it has been five years since the initial report was published on this vulnerability among many makes and models of cars, it does not appear that existing owners have been notified or provided with some kind of fix.

Breaches in Vehicle Security

It was recently announced that the encryption used by Megamos, which makes chips for Volkswagen, had been breached. At a recent DEFCON security expedition, Samy Kamkar, a researcher, revealed his RollJam device, which can be planted in a vehicle and counters the “randomly reset” codes that have been added as security. (This technology was developed to counter signal attacks by constantly changing the codes.)

In spite of all these new methods, there are old-fashioned fixes. If you have key fobs that could potentially be hacked, place them in sealed metal containers or even refrigerators to guard against the detection or manipulation of signals.

For more information or free legal guidance on your car-related problem, talk to Car Accident Help at (405) 285-4357.