Keyless car entry systems could be a huge security risk

Researchers said millions of cars could be stolen if hackers take advantage of the vulnerability

Researchers from the University of Birmingham have found keyless car entry systems could be putting millions of vehicles at risk of being stolen.

According to their findings, criminals can use a simple radio transmitter to intercept the signal between car and key and then clone it to open the car at a later date when the owner is not present.

Advertisement - Article continues below

Experiments were carried out by a team from the university's School of Computer Science, with Volkswagen Group's cars shown to be most at risk.

Hackers can uncover cryptographic algorithms from electronic control units and unlock vehicles including those manufactured by Audi, Skoda and Porsche (all part of the Volkswagen Group, alongside VW itself). The cars affected date back to the mid-1990s, bringing up questions why the technology hasn't already been updated.

"It's a bit worrying to see security techniques from the 1990s used in new vehicles," researcher Dr Flavio Gambia said. "If we want to have secure, autonomous, interconnected vehicles, that has to change. Unfortunately the fix won't be easy, as there is quite a slow software development cycle, new designs will be quite a long time in the making."

The University of Birmingham investigators also found a second potential hack affecting vehicles made by Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel/Vauxhall, Renault and Peugeot.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

This particular vulnerability is based on Hitag2, which allows the cryptographic key to be revealed, again allowing for the key to be cloned with a little work on a computer.

Dr David Oswald, another member of the research team, added, "You only need to eavesdrop once. From that point on you can make a clone of the original remote control that locks and unlocks a vehicle as many times as you want. Manufacturers really need to take heed and review their security systems."

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/phishing/355810/zloader-malware-returns-as-a-coronavirus-phishing-scam
phishing

ZLoader malware returns as a coronavirus phishing scam

27 May 2020
Visit/security/hacking/355806/anarchygrabber-hack-steals-discord-tokens-ids-and-passwords
hacking

AnarchyGrabber hack steals Discord tokens, IDs and passwords

27 May 2020
Visit/security/hacking/355801/scammers-using-coronavirus-contact-tracing-in-hacking-attempt
hacking

Scammers leverage contact-tracing in hacking attempt

27 May 2020
Visit/security/phishing/355793/gitlab-phishes-its-remote-employees-and-1-in-5-fell-for-it
phishing

GitLab phished its employees and 20% handed over credentials

26 May 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/infrastructure/server-storage/355785/dell-emc-poweredge-r7525-review-an-epyc-core-density-to-make
Server & storage

Dell EMC PowerEdge R7525 review: An EPYC core density to make Intel weep

26 May 2020
Visit/infrastructure/network-internet/355792/intel-releases-wi-fi-and-bluetooth-driver-updates-for
Network & Internet

Intel releases Wi-Fi and Bluetooth driver updates for Windows 10

26 May 2020