Kevin Mahaffey, co-founder of a security firm Lookout and Marc Rogers, principal security researcher at CloudFlare found a way to hack Tesla’s flagship Model S line’s car system to take control a certain components of the car. It was demoed a few days ago in Black Hat’s computer security conference.
How they hack into the car system? To do this, they physically connect a computer to the car via ethernet cable and leave behind Trojan horse to allow for remote access. What is the impact of this hacking? Once they got into the system, they will be able to initiate brake and cause the car to stop suddenly if the car is going under 5MPH. However, if the car was travelling more than 5MPH, then the car is switched to neutral which then forces the driver to safely navigate to the side of the road presumably.
Fortunately, the researchers have been working with Tesla for the software fixes and after the fix was stabilized, the company deployed it by using OTA (Over the Air) to automatically update the car’s software which then will patch these vulnerabilities.
As comparison, it seems that the way Tesla handle the rolling out of bug fixes is more efficient than the way Chrysler handle it. Chrysler shipped about 1.4 million USB drives to all the affected car owners and thus there would be some time before the owners plugs the USB into the car system which then would make it vulnerable during that period.