Tesla updates Autopilot under cloud of hack
SAN FRANCISCO — Hacking into a phone is unlikely to physically hurt the victim. But hacking into a car?
A security research team in China hacked into a Tesla Model S and said they took over the car’s brakes from 20 kilometres away. A video released this week shows members of the research team being thrust forward as the remote hacker slammed the brakes on command.
The demonstration took place in an empty parking lot. No one was injured.
The team from Keen Security Lab, an arm of Tencent, also used a laptop computer to turn on the windshield wipers, retract the side view mirror and pop open the trunk, all while the car was moving.
While the car was parked, the team took over the vehicle’s 17-inch touchscreen and dashboard display. Keen’s logo appeared on the screens, which appeared frozen and inoperable.
The team said there was no mechanical connection to the car’s computer system, nor had they modified any part of the car.
Keen said it had reported its findings to Tesla, which in turn said it fixed the security holes quickly.
“The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious Wi-Fi hotspot. Our realistic estimate is that the risk to our customers was very low,” the company said.
The U.S. Department of Transportation and the National Highway Traffic Safety Administration have released “guidelines” on autonomous cars and safety, which addressed, in part, cybersecurity.
The guidelines suggest that automakers follow “established best practices” to thwart hackers, and recommend that they report “any and all discovered vulnerabilities” whether they happen during testing or on the public roadways.
Separately, Elon Musk, Tesla’s chief executive, tweeted that the company began wireless updates to its Autopilot driver-assist feature on Wednesday.