A cybersecurity expert discovered that the keyless entry mechanism used on Tesla automobiles and other vehicles is less secure than intended. The researcher demonstrated how a hacker might unlock the automobile and drive away using $100 in hardware and custom software.
Sultan Qasim Khan, lead security consultant of Manchester, UK-based security firm NCC Group, created the hack. It makes use of the Bluetooth Low Energy (BLE) protocol, which powers Tesla's and other automakers' app-based keyless entry systems.
The hacker must get a hardware device near the owner's smartphone or key fob in order to conduct the so-called relay attack. This then transmits signals to a second device, which is connected to a laptop near the automobile. Model 3 and Model Y vehicles from Tesla are impacted.
The automobile is unlocked and ready to start in 10 seconds thanks to customized software on the laptop. It serves as a sobering reminder of how weak some of our security mechanisms are.
Khan claims he informed Tesla about the hack, but the company concluded it was not a significant risk.