It looks like although researchers have found a hack for the Tesla’s (NASDAQ: TSLA) Model S, owners don’t need to fret over it.
Two security researchers have uncovered a way to hack in to the Model S’s internal computer, bringing the vehicle to an immediate stop. The only catch is that to execute the hack, someone must have physical access to the car. The hack isn’t possible remotely.
The researchers, Kevin Mahaffey and Marc Rogers, who work with Cloudflare on security, found a series of six vulnerabilities allowing them to gain control of the car. The control was limited to “any action accessible to the center touch screen or Tesla’s smartphone app.” In one instance, they were able to turn the car off while it was driving.
Tesla is no slouch when it comes to update their car’s software, though; the company announced on Thursday that it had already sent out a patch for all the vulnerabilities that were found in this experiment. Vehicles should automatically download this update via cellular networks.
“Our security team works closely with the security research community to ensure that we continue to protect our systems against vulnerabilities by constantly stress-testing, validating, and updating our safeguards,” a spokeswoman said. “Lookout’s research was a result of physically being in Model S to test for vulnerabilities. We’ve already developed an update for the vulnerabilities they surfaced which was made available to all Model S customers through an OTA update that has been to deployed to all vehicles.”
While the researchers were able to shut the car off, the vehicle only came to an immediate stop if it was going slower than 5 MPH. If it was moving any faster than that, it would simply turn of the electric motor.
The hack of a Model S follows a string of discovered vulnerabilities in other connected cars. As cars become increasingly connected to the internet, they can become as vulnerable as a computer is to viruses. Unlike the Tesla hack, though, these other cars did not require physical access to hack. Fiat Chrysler recalled 1.4 million cars after it discovered that the Jeep Cherokee could be remotely disabled last month.
As far as car cybersecurity goes, however, the researchers did mention that Tesla is at the top of the list. Although it suffered from some vulnerabilities, it is one of the most security-focused companies on the market. It’s quick reaction to this recent event can attest to that.
“Our research confirmed that Tesla indeed made a number of excellent security decisions in the design of Tesla Model S,” Mahaffey wrote. “It also, however, has a number of areas where we believe Tesla can improve. Overall, I feel more secure driving in a Tesla Model S than any other connected car on the road.”