Hacking and cyber terrorism is a real-life possibility that threatens us on a daily basis. The world just learned how deadly the threat can be on a personal level when Charlie Miller and Chris Valasek completely took over a 2004 Jeep Cherokee as it drove down the highway. It was a demonstration that resulted in the recall of 1.4 million Chrysler-built vehicles for a major security update. Chrysler->ke21 vehicles aren’t the only vehicles with the potential to be hacked or remotely manipulated. Any vehicle with a wireless data connection has the potential to be hacked from abroad if security vulnerabilities exist. The most recent manufacturer to discover this is Tesla->ke1842 – the leader in long-range electric vehicles.->ke1030

Researchers from Lookout and CloudFlare have worked for the last two years to find security vulnerabilities that exist within the infotainment system of Tesla’s Model S.->ke3329 Their findings aren’t nearly as bad as the flaws found in Chrysler vehicles, but some security concerns were found. The most interesting finding was that a 2015 Tesla Model S could be easily stolen by use of a computer connected to the vehicle’s network cable. Once a laptop was connected to the S, the researchers were able to send a few command prompts to its onboard system and turn on the electric drive system.

The other major finding was that the current web browser on the Model S contained a backdoor that could allow a hacker to gain control the vehicle remotely. This vulnerability would require someone to view a specially made web page from the vehicle’s infotainment system first, but is a security threat nonetheless. This vulnerability precludes the need to have physical access to the vehicle to take control of it, and that could be dangerous to the driver or passengers of the vehicle.

Continue reading for the full story.

Why it matters

Altogether there were six security issues found, and Tesla already implemented patches to fix the vulnerabilities via its over-the-air update system on August 5th. A spokesperson for Tesla claims that the paths used to gain permission within the infotainment system have been isolated and blocked off. The browser was also updated and isolated from the rest of the system to prevent the possibility of remote hacking – at least for now, anyway. Tesla does deserve credit, though. Unlike other manufacturers, Tesla designed the S to come slowly to a stop while allowing the driver to retain steering and braking functions in the event of a complete power loss. Also, because Teslas are already set up for remote updates it was a simple fix, rather than requiring a recall.

Most manufacturers use variations of Linux, Windows or Apple IOS as the operating system for their infotainment systems, which means they are potentially subject to a lot of the same vulnerabilities as the laptops and PCs we use every day. Hackers are constantly looking for ways to manipulate computer systems, so it is of the utmost importance that auto manufacturers continuously look for new vulnerabilities and remove them before they can be used against us. Do we have to fear being let down by auto manufacturers over yet another safety concern in the near future? I sure hope not.

2015 Tesla Model S

Read our full review here.