Upstream’s 1000th Automotive Cybersecurity Incident: Use NFC Card to Gain Control in 130 Seconds
As a part of Upstream’s ongoing effort to monitor, analyze the cyber threat landscape and assess the impact of automotive-related cybersecurity incidents and vulnerabilities, we recently marked an important milestone with the 1000th incident tracked by Upstream’s cyber threat intelligence team on the AutoThreat® platform.
On June 8, 2022, Martin Herfurt, a security researcher in Austria, demonstrated how he could manipulate a Tesla NFC card to unlock vehicles and potentially steal the vehicle.
This feature update was introduced by Tesla in August, making it easier to start vehicles after being unlocked with their NFC key cards. The intention behind this update was simple: enable a smooth experience for drivers using NFC cards to unlock and start their vehicles, within a timeframe of 130 seconds, without the need to use the NFC card twice.
But the researcher noticed that within the 130-second timeframe, it was also possible to accept entirely new keys with no additional authentication and zero indication by the in-car display.
“The authorization given in the 130-second interval is too general… it’s not only for drive,” Herfurt said in an online interview. “This timer has been introduced by Tesla… in order to make the use of the NFC card as a primary means of using the car more convenient. What should happen is that the car can be started and driven without the user having to use the key card a second time. The problem: within the 130-second period, not only the driving of the car is authorized, but also the [enrolling] of a new key.”
The vulnerability lies in Tesla’s keyfob technology, which relies on Bluetooth Low Energy (BLE). Most devices and vehicles that rely on this kind of proximity-based authentication are designed to protect against a range of relay attacks. Yet, researchers at U.K.-based NCC Group say they have developed a tool for conducting a new type of BLE link-layer relay attack that bypasses existing mitigations, theoretically enabling attackers to remotely unlock and operate vehicles.
Upstream offers the first and only threat intelligence offering purpose-built for the automotive ecosystem, providing dedicated automotive-specific intelligence, incident tracking, vehicle-relevant vulnerability detection, threat impact analysis, mitigation suggestions, support in prioritization, exposure analysis and threat propagation.
AutoThreat® PRO was created to empower automotive stakeholders to identify vulnerabilities and manage risks to their assets via threat intelligence data and insights. Upstream’s AutoThreat® PRO offers a purpose-built service with dedicated CTI analysts that includes ongoing threat reports, customized queries, deep and dark web investigations, and tailor-made threat models based on customer-specific assets, needs, and business models.
Upstream’s 2023 Global Automotive Cybersecurity Report
Follow the Data: Connected Vehicles & Beyond
Automotive OEMs executives deal every day with at least four strategic challenges: Reputational risk limitation Regulatory compliance Recall costs minimisation Reliability of service and customer…Read more
The Future of Fleet Security: Are Autonomous Vehicles Secure?
In recent years, the delivery industry has seen a significant shift towards electrification and autonomous vehicles in an effort to streamline services and improve efficiency.…Read more
The Race to Autonomous Mobility May Be Slowed Down by Hackers
Electric-driven and fully autonomous mobility services have the potential to solve some of the world’s biggest transportation challenges. They are bound to revolutionize the automotive…Read more
The Power Grid Must Be Protected, But Are EV Charging Stations Secure?
The widespread adoption of electric vehicles (EVs) depends on a robust and reliable network of charging stations. However, as the number of EVs on the…Read more