IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Tesla patches Model S after Chinese hack

Tencent hackers were able to take control of parts of the car from 19km away

Tesla has udpated its Model S firmware to avoid a hack demostrated by security researchers at Tencent. 

The electric carmaker rolled out the patch quickly after researchers at the Chinese tech giant successfully remotely targeted a vehicle. Tencent's security team, Keen Labs, had passed the details of the vulnerabilities to Tesla before taking the hack public.

Researchers were able to take control of the Tesla car by hacking its CAN bus, letting them control the sunroof, run lights off and on, open the doors, engage the brakes and locks, and fiddle with the main display from 19km away. 

"As far as we know, this is the first case of remote attack which compromises CAN Bus [the car's command system for things like remote locking] to achieve remote controls on Tesla cars," the researches said in a blog post. "We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected."

The hack appeared to make use of flaws in a web browser. "I've said it a bunch, don't put browsers in cars," said security researcher Charlie Miller, now at Uber, over Twitter. "Huge attack surface and not really that useful."

Tesla said it had updated the cars' firmware within ten days of getting the Keen report, rolling it out over the air.

"The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious Wi-Fi hotspot," the company said in a statement. "Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly."

The Keen Labs researchers said Tesla owners should keep their cars updated. "Please do update the firmware of your Tesla car to the latest version to ensure that the issues are fixed and avoid potential driving safety risks."

While it's not the first case of a smart car being hacked, it also certainly won't be the last. "When done right, software can make our cars smarter and safer," said security analyst Graham Cluley in a blog post. "But we need dangerous bugs in the software to be ironed out, and a safe and simple way to update our cars without opening backdoors through which hackers can take advantage."

He added: "I'm in a quandary - should I pay extra for a car that isn't part of the internet of things, or will that make software and safety updates a right pain in the backside to deploy?" 

The research follows months of bad news for Tesla after a driver was killed while his vehicle was in Autopilot mode

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
Attracting and retaining talent through training
Sponsored

Attracting and retaining talent through training

13 Jun 2022
Swift exit: How the world cut off Russian banks
finance

Swift exit: How the world cut off Russian banks

24 Jun 2022