Tesla vehicles can be unlocked and operated using a new hacking method that employs Bluetooth Low Energy (BLE), according to a research paper by analysts at NCC Group, a global expert in cybersecurity and risk mitigation.
“In the test setup, the iPhone was placed on the top floor at the far end of a home, approximately 25 meters away from the vehicle, which was in the garage at ground level. The phone-side relaying device was positioned in a separate room from the iPhone, approximately 7 meters away from the phone,” according to the post.
The vehicle-side relaying device, which was placed within a radius of approximately 3 meters (9.8 feet) from the car, was able to unlock the vehicle.
NCC did not test the hack against Tesla’s Model Y, but since the technology used in that vehicle is similar to that of the Model 3, the group expects similar results.
“NCC Group discovered that relay attacks against the Model 3 remained effective with up to 80 ms of round trip latency artificially added beyond the base level of latency introduced by the relaying tool over a local Wi-Fi network,” said the report.
The analysis team believes that this latency margin is sufficient to conduct long-distance relay attacks over the internet. NCC did not test any long-distance attacks.
If an attacker were able to place a relaying device within the BLE signal range of a key fob or mobile phone that is authorized to access Tesla’s Model 3 or Y cars, they may be able to break into and operate the vehicle, NCC warned.
To avoid such situations, the group recommended educating owners about the risks of BLE relay attacks and encouraging them to use the PIN to Drive feature. An option to disable passive entry can also be helpful.
The passive entry functionality in the mobile app should be disabled if the device has been stationary for more than a minute, NCC said.
In addition, the mobile app must report the device’s last known location during the authentication process with the vehicle. This can allow the car to detect and reject long-distance relay attacks.
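The two app-side mitigations above can be sketched as a single gating check. This is an added example, not NCC Group's or Tesla's code; the `UnlockRequest` fields, the function names and the 100 m distance limit are assumptions, and the reported location is assumed to be carried inside the authenticated exchange.

```python
import math
from dataclasses import dataclass
from typing import Optional, Tuple

# The 60 s threshold follows the "stationary for more than a minute" advice;
# the distance limit is an assumed value chosen for illustration.
STATIONARY_LIMIT_S = 60.0
MAX_DISTANCE_M = 100.0

LatLon = Tuple[float, float]

@dataclass
class UnlockRequest:
    seconds_since_motion: float        # from the phone's motion sensor (hypothetical field)
    phone_location: Optional[LatLon]   # last known fix reported by the app, if any
    vehicle_location: LatLon

def haversine_m(a: LatLon, b: LatLon) -> float:
    """Great-circle distance in metres between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6_371_000 * math.asin(math.sqrt(h))

def passive_entry_decision(req: UnlockRequest) -> Tuple[bool, str]:
    """Return (allow, reason); a denial means the owner must unlock explicitly."""
    if req.seconds_since_motion > STATIONARY_LIMIT_S:
        return False, "phone stationary"
    if req.phone_location is None:
        # Fail closed: without a location the distance check cannot run.
        return False, "no location reported"
    if haversine_m(req.phone_location, req.vehicle_location) > MAX_DISTANCE_M:
        return False, "phone too far from vehicle"
    return True, "ok"
```

A phone resting 25 meters from the car, as in the test setup, passes any realistic distance limit, so it is the stationary rule that covers that case. The location comparison only addresses long-distance relays.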
Tesla executives did not respond to The Epoch Times’ request for comment by press time.