Up to 100 million vehicles manufactured by German manufacturer Volkswagen AG could be hacked and stolen due to deficient security, according to a newly published research paper.

According to a paper from German security firm Kasper & Oswald, it was found that certain Audi A1, Q3, R8, S3, TT, along with the VW Beetle, Golf 4, Golf 5, Golf 6, Golf Plus, Jetta, Passat, Tiguan, and Touran vehicles sold from 2005 to 2016 are vulnerable to key-cloning attacks.

The security vulnerabilities were discovered after the research team reverse-engineered the keyless entry systems used in the cars, and then were able to clone the keys using a commercially available radio and laptop to capture the signal sent when an owner hits the unlock button on a key fob.

Of note, the wide variety of vehicles susceptible to the attack is due to the fact that Volkswagen used the same security platform for the key fobs across their entire range.

“In our first case study, we show that the security of the keyless entry systems of most VW Group vehicles manufactured between 1995 and today relies on a few, global master keys,” the paper reads (pdf). “We show that by recovering the cryptographic algorithms and keys from electronic control units, an adversary is able to clone a VW Group remote control and gain unauthorized access to a vehicle by eavesdropping a single signal sent by the original remote.”

The paper isn’t limited to Volkswagen manufactured vehicles either, with vehicles made by Alfa Romeo, Chevrolet, Peugeot, Lancia, Opel, Renault, and Ford also found to be vulnerable to a different, but similar exploitation under the Hitag2 rolling code scheme that allowed cloning of a remote control. “Our findings affect millions of vehicles worldwide,” the paper notes, “and could explain unsolved insurance cases of theft from allegedly locked vehicles.”

VW responds

In response to the publication of the paper, Volkswagen said in a statement that among other things that there is no 100 percent guarantee for security before defending its own technology:

The bar for theft prevention is constantly being raised, but ultimately there is no 100% guarantee for security. On one hand, criminals are equipped with sophisticated tools, and on the other hand, theft protection is impacted by the fact that we have to provide access to the OBD interface (On-Board Diagnosis) as well as the processes and documents in connection to these systems. With highly specialized technical knowledge, individual electronic components of the vehicles can be manipulated though this open interface.

Volkswagen’s electronic and mechanical security measures are state-of-the-art technology. Volkswagen also offers innovative technologies in this field that are continuously developed further.

Researchers from the university of Birmingham set themselves the task of analyzing security technologies such as the immobilizer and remote control to identify systematic weaknesses, regardless of practical applicability. Their academic work that has now been published showed that the security systems of the vehicles that were up to 15 years old do not have the same security level as, for example, our present vehicles based on the MQB Modular Transverse Matrix (e.g. the current Golf, Tiguan, Touran, Passat, etc.). These current vehicle generations are not affected by the problem described.

The responsible department at Volkswagen Group is in contact with the academics mentioned and a constructive exchange is taking place. We agreed that the authors would publish their mathematical-scientific findings, but without the sensitive content that could be used by accomplished criminals to break into vehicles. The findings obtained will serve to further improve the security technology.

It may be too early so say with certainty but if the security problems are as widespread as suggested old fashioned methods to prevent car theft, such as a steering wheel lock, could soon come back in vogue.

photo credit: New Car via photopin (license)