Keyless systems on cars easily hacked, researchers say
Researchers at Switzerland's ETH Zurich University show how passive keyless entry and start systems can be compromised
Computerworld - The passive keyless entry and start (PKES) systems supported by many modern cars are susceptible to attacks that allow thieves to relatively easily steal the vehicles, say security researchers at Switzerland's ETH Zurich University.
In demonstrations using 10 cars from eight makers, the researchers showed how they were able to unlock, start and drive away the cars in each case, by outsmarting the smart key system.
The break-ins were carried out using commercial, off-the-shelf electronic equipment available for as little as $100, the researchers said in a paper describing their exploits.
Although the possibility of such attacks on keyless systems has been discussed previously, it has not been clear before if they would be feasible on modern cars, the researchers said. "In this paper, we demonstrate that these attacks are both feasible and practical," they said.
The keyless systems exploited in the Zurich demonstrations are designed to let car owners lock, unlock and start their vehicles without having to take the key fob out of their pockets. They allow car doors to unlock when the person carrying the key approaches the vehicle, and to lock them when the person walks away from the vehicle.
To start the keyless vehicle, the user needs to be inside the car with the key on their person or within the car. There is no need, however, for the key to be inserted physically into the ignition lock to start the vehicle.
The car and the key fob communicate with each other using a combination of both Low Frequency and Ultra High Frequency radio signals. The door lock and unlock functions, asw well as the engine start functions, are activated by the proximity of the key fob to the car. When the key is brought close to the car, it issues a command to open the car and turn on the ignition.
For the experiment, the researchers used a pair of commercially available loop antennas for capturing beacon signals from the car and relaying it to the key fobs. The antennas were used to fool the car into believing the key fob was in closer proximity to the vehicle than it actually was.
First, one of the antennas would be placed on the exterior of the car, close to the door handle, to pick up signals from the vehicle and relay it to the second antenna located some distance away. Signals received by the second antenna would then be picked by the key, which would relay instructions back to the car to unlock the doors.
- SANS: Next-Generation Datacenters = Next-Generation Security This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Mitigating Multiple DDoS Attack Vectors It's time to rethink and refine the enterprise security architecture, so organizations can remain agile and resilient against future threats. Download this infographic...
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Cloud BI in Action: Recorded Webinar of Customer, Kony, Inc. See how Kony, Inc., a leading enterprise mobility company, is using TIBCO Jaspersoft for Amazon Web Services and Redshift to achieve embedded analytics...
- Cloud BI Overview: Jaspersoft for AWS Check out this overview of Jaspersoft for AWS, to easily and affordably build business intelligence solutions as well as embed visualizations and analytics... All Endpoint Security White Papers | Webcasts