A 19-year-old German IT student and hacker said in a series of tweets this week that he had managed to gain remote control over more than 25 Teslas in 13 different countries without the knowledge of their owners.
The hacker, David Colombo, said the vulnerability he had exploited was not in Tesla’s infrastructure. The vulnerability was in third-party software used by the car owners.
“Nevertheless I now can remotely run commands on 25+ Tesla‘s in 13 countries without the owners knowledge,” David Colombo tweeted, adding, “Regarding what I‘m able to do with these Tesla‘s now. This includes disabling Sentry Mode, opening the doors/windows and even starting Keyless Driving.”
“I could also query the exact location, see if a driver is present and so on. The list is pretty long. And yes, I also could remotely rick roll the affected owners by playing Rick Astley on Youtube in their Tesla‘s,” he also said.
In an interview with Bloomberg, Colombo explained that the vulnerability he had found and used involved insufficient security in the way the software program stores sensitive information that is necessary to link the software to the car.
“This shouldn’t happen,” Colombo told Bloomberg. “Especially if we’re putting cars on the internet and trying to make them secure. Everyone needs to work together.”
The hackability problem with EVs is getting nowhere near enough attention even after researchers from Texas successfully hacked the most popular charging system used in North America last year.
The hack limited the charging rate, then blocked charging, and then overcharged the battery. The reason for the hack: “This was an initiative designed to identify potential threats in common charging hardware as we prepare for widespread adoption of electric vehicles in the coming decade,” according to lead researcher Austin Dodson.
UK cybersecurity experts have also warned about vulnerability in home and public EV chargers, some of them considerable.
Now, with Colombo’s hack, chances are the issue of EV and EV infrastructure cybersecurity will get a little more attention from stakeholders, especially those that have poured billions into EV cars: their manufacturers.
By Charles Kennedy for Oilprice.com
More Top Reads From Oilprice.com: