For the second time in less than a month, media reports have surfaced of Tesla cars have been hacked. This time the autopilot—which isn’t really an autopilot—got hacked.
One series of hacks was with stickers. Yes, stickers like your children like to use instead of crayons in those kid’s meal booklets. Here’s the story:
Autopilot Hack #1
Elite hackers from China have found a way to trick a Tesla Model S into going into the wrong lane by strategically placing some simple stickers on the road.
Keen Labs, widely regarded as one of the most technically ingenious cybersecurity research groups in the world, developed two kinds of attack to mess with the Tesla autopilot’s lane-recognition tech.
First, the researchers sought to make alterations to lane markings, first by adding a large number of patches to the line to make it appear blurred. It worked, but as the patches looked much too conspicuous, the Keen hackers decided that it’d be too difficult to carry out in the real world.
Autopilot Hack #2
So the researchers tried to create a “fake lane.” They discovered that Tesla’s autopilot would detect a lane where there were just three inconspicuous tiny squares strategically placed on the road. When they left small stickers at an intersection, the hackers believed they would trick the Tesla into thinking the patches marked out the continuation of the right lane. On a test track, their theory was proved correct, as the autopilot took the car into the real left lane.
Tesla Hacked, Vehicle Operated By Remote Control
In other attacks, the Keen crew claimed to have the ability to remotely control the steering wheel and start up the windscreen wipers. In the former, via a complex series of steps that broke through some of the security barriers put up around the onboard network, Keen discovered a way to control the steering wheel with a gamepad, though they were in the vehicle at the time. While that initially sounds serious, the attack didn’t work when a car had been taken manually from reverse to drive mode at any speed above 8 km per hour. However, when in cruise control, the attack worked “without limitations.”
Tesla Display Hacked
Two weeks ago, Tesla was hacked in a much different way.
Pwn2Own is a competition aiming to highlight the vulnerabilities of modern day systems and products, and since the Model 3 is one of the most digitally advanced cars in the world, it was a natural target for the organizers of the event and the hackers attending it.
Most of the goals set by the organizers were not met by the competing teams, but one of them reached their goal: Fluoroacetate, a duo comprising hackers Richard Zhu and Amat Cama.
To get the prize, the two had to launch the attack from inside the car and “achieve code execution by browsing to malicious content.”
Zhu and Kama were able to hack into the car’s Internet browser and have it display a message of their choice on the car’s screen: pwned by Fluoroacetate.
For their achievement, Richard Zhu and Amat Cama were awarded a $35,000 prize, but most importantly got to drive away in the Model 3, complete with the hacked browser.
Folks what you need to understand about hacking the display of the Tesla is this, there are no instrument panels or gauges in this particular car. The display screen (liquid crystal touch screen) is the only information that the driver has on the car. This is also where everything is controlled by the driver. If the screen can be hacked, it can be used to trick the driver by providing false info to the driver. Could this be used for malicious purposes? It may only be proof of concept for now but…