UPDATED 19:58 EDT / SEPTEMBER 20 2016

NEWS

Researchers manage to hack Tesla brakes remotely

Researchers at Tencent Holdings Ltd.’s Keen Security Lab discovered a critical security hole in Tesla’s Control Area Network (CAN), which allowed them to remotely operate the vehicle’s brakes without ever having to physically interact with it.

Although Tesla Motors quickly patched the flaw, Keen Security Lab’s success raises serious security concerns for the future of self-driving vehicles. In a video, Keen Security Lab demonstrated that its researchers could remotely control a number of components in an unmodified Tesla Model S P85, including the vehicle’s sunroof, turn indicators and power seats. In a Tesla Model S 75D, the team showed that they were also able to unlock the vehicle’s door, disrupt its touchscreen, activate its windshield wipers and even fold its side mirror while turning.

For the most part, the controls Keen Security Lab demonstrated were all annoyances, but the team’s most worrying success was the ability to activate the vehicle’s brakes while in motion.

“As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars,” Keen Security Labs said in a statement. “We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected.

“Keen Security Lab would like to send out this reminder to all Tesla car owners: Please do update the firmware of your Tesla car to the latest version to ensure that the issues are fixed and avoid potential driving safety risks.”

Tesla: “The risk to our customers was very low”

The company noted that it informed Tesla of the exploit as soon as the research team discovered and reproduced it, and Tesla explained in a statement that it had already fixed the flaw less than two weeks after learning of it. Tesla also noted that the hack would have been difficult to pull off in the wild in the first place.

“Within just 10 days of receiving this report, Tesla has already deployed an over-the-air software update (v7.1, 2.36.31) that addresses the potential security issues,” Tesla said in its statement. “The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.”

While the risk may have been low and Tesla did quickly patch the security hole, the fact that it existed in the first place is certainly worrying, especially as the automotive industry becomes increasingly focused on making mass-produced autonomous vehicles a reality.

You can watch a video of Keen Security Lab’s Tesla hack below:

Photo by p_a_h 

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.