Tesla to Hackers: Come Hack Our Cars

Tesla is considering giving free reign to hackers who will be granted access to tinker with any part of the company’s vehicle(s).

Tesla is planning to open one of their electric cars to the hacker attendees at the Defcon convention in Las Vegas, later this year. This is according to sources as mentioned by Forbes, who wished to remain anonymous. The benefits are obvious to Tesla.

  • The company will be made aware of any bugs in the vehicle.
  • They’ll also have a first-hand audition of any hackers who are worth hiring.

This is a common practice for many companies including Tesla, who were seen scouting for talent whilst scanning the halls of the Rio Hotel and Casino at the Defcon event last year.

As vehicles and cars become smarter, there will be a great deal of focus and interest on digital security on cars, at Defcon and BlackHat 2015, both of which are conferences that take place in Las Vegas.

Notable hackers Chris Valasek and Charlie Miller, popular for their prowess in hacking into automobiles in the past have promised to exhibit a car hack which they claim – will wirelessly hack a car for remote control.

An excerpt from their talk reads: “Although the hacking of automobiles is a topic often discussed, details regarding successful attacks, if ever made public, are non-comprehensive at best. The ambiguous nature of automotive security leads to narratives that are polar opposites: either we’re all going to die or our cars are perfectly safe. In this talk, we will show the reality of car hacking by demonstrating exactly how a remote attack works against an unaltered, factory vehicle.

“Starting with remote exploitation, we will show how to pivot through different pieces of the vehicle’s hardware in order to be able to send messages on the CAN(Control Area Network) bus to critical electronic control units. We will conclude by showing several CAN messages that affect physical systems of the vehicle. By chaining these elements together, we will demonstrate the reality and limitations of remote car attacks.”

A look at their recent tweets gives a hint of what’s to come:

The security of modern and future cars are under intense scrutiny, even more-so with a range of open source car hacking tools such as CANard and CANCat, now freely available on the internet. Plenty of researchers are trying to expose serious and fundamental flaws in vehicle security and groups like I  Am The Cavalry have emerged, with the motive to pressure lawmakers as well as vehicle manufacturers to improve on cars’ security from maliciously operating hackers.

Washington and lawmakers at Capitol Hill are listening too. Senator Markey, who reached out to several manufacturers for more information on their security efforts, claimed many were failing to protect their drivers and car owners adequately.

Some car makers are seeing the bigger picture. Jobs such as a Vehicle Cybersecurity Testing Engineer are on offer from the likes of GM, BMW, and Tesla – along with other initiatives to wield and foster better security. Many others, however, continue to ignore the problem and the inherent threat of weak security. This makes the efforts of mischief-makers and hackers such as Chris Valasek and Charlie Miller, all the more important with their drive to push manufacturers to safer and better practices.