The hyperconnected automobile presents all sorts of opportunities for criminal mischief, and it’s no hypothetical danger – last year, DARPA researchers were able to remotely hack into Toyota and Ford vehicles and disable the brakes.
At this month’s Symposium on Security for Asia Network (SyScan360), a security conference in Beijing, security buffs were invited to try their hands at hacking a Tesla Model S, and cash prizes were on offer. A Chinese team achieved at least partial success.
The winning team exploited a “flow design flaw” to gain access to the car’s system, and were able to remotely unlock the vehicle, sound the horn, flash the lights, and open the sunroof. Organizers have passed on the information on to Tesla.
“Tesla Software Hack Challenge ended with Team Yo, from ZheJiang University, coming in first overall and winning ¥10,600 RMB in prize money,” said organizers. “No team succeeded in the mission of hacking Tesla’s door and engine within the timeframe of the challenge. Therefore no one received the grand prize of $10,000 USD.”
Tesla is by far the most computer-savvy of automakers, and has always been security-conscious. It has hired a well-known ex-Apple security expert, and offers a vulnerability disclosure program to allow users to report any glitches or bugs.
Tesla wasn’t involved in the SyScan competition, but said it would welcome information about any vulnerabilities that the hackers might discover. “We support the idea of providing an environment in which responsible security researchers can help identify potential vulnerabilities,” a company spokesman said. “We hope that the security researchers will act responsibly and in good faith.”