Cars Being Stolen With Keyless Entry
If car owners place their keys on the table or next to their door, they may not realize that they are allowing thieves to hijack their signal. This relay attack is a highly-tech method criminals use to steal keys from new vehicles.
Keyless ignition vehicles emit an low-power radio signal that is seeking a compatible fob that can respond. If the signal is captured and recreated, it could be used to unlock the car and start it up.
Relay Attack
Imagine your car parked in your driveway with your key fob in your home. You're sure that your car is safe, but not seen by you sophisticated thieves are planning an attack. Instead of slamming windows or jiggling locks, thieves are using technology to hack into vehicles using digital cracks in their armor. This is known as relay theft, it's an increasingly common way to steal cars that have keyless entry.
The keyless entry system found in cars is controlled by a signal sent by the car's radio transmitter to the key fob. To prevent keyless entry by unauthorised persons the RF transmitters that are on the key fob as well as the car are programmed only to activate when they are within a certain distance of each other. However, thieves can bypass this limitation with an attack known as the'relay attack'.
To do so, two people work in tandem one is positioned by the car and uses an instrument that records an electronic version of the key fob's signal. The other person, who is at the home of the owner, uses a second gadget to transmit the signal from the key fob to the car. This trickery fools the car into thinking that the key fob is near enough to allow it to unlock and begin the engine.
In the past, this kind of attack required expensive equipment to carry out. But now, you can pick up a relay transmitter on the inexpensive online market and carry out an heist in a matter of minutes. This is the reason why car thieves love it.
While some cars are less prone to this type of theft than others, all modern vehicles that have keyless entry are at risk. In fact researchers have tested 237 popular cars and found that they can all be stolen using this method.
Tesla vehicles are believed to be less vulnerable to this kind of theft. However Tesla hasn't implemented UWB technologies that would enable it to perform distance checks and prevent attacks via relay. The company has said that they will do this in the future but until then, they are vulnerable. Installing an anti-theft system that safeguards your keys and your car against such attacks is a proactive way to ensure the security of your car.
CAN Injection Attack
Modern cars can protect themselves from thieves by sending encrypted messages to the key to prove its authenticity. The system is believed to be safe, but thieves have found ways to get around it. They just impersonate the smart key and send other messages to the vehicle letting it unlock the doors, turn off its engine immobilizer, and then go on their way. To do this, they gain access to the smart keys' internal communications network.
The majority of cars today are fitted with between 20 and 200 electronic control units, or ECUs, which control various aspects of the vehicle's operation. They communicate with each other via an electronic network referred to as CAN bus. To ensure that power consumption is low the ECUs are put into a low-power sleep mode that's activated when they receive a 'wake up' frame. These frames are typically sent by the ECU that manages the smart key or door. However the messages aren't usually authenticated or encrypted and, therefore, can be intercepted by criminals using a cheap and simple device.
They search for a spot that allows them to connect directly to the wires of the CAN connection. They usually are hidden in the headlights or in other locations in the front of the vehicle. To gain access to them, you need to remove the bumper and make holes in the headlamp assemblies. The criminals then use a device called an CAN injection attacker, which is used to send out fake messages that can trick the car's security systems to unlock it and disable its engine immobilizer.
These devices can be purchased through the Dark Web and work with all major car makers, including BMW and Cadillac, Chrysler, Fiat and Ford, Honda, Hyundai and Jeep, Lexus and Nissan, Renault and Toyota, Volkswagen and Maserati. Researchers who have discovered the CAN Injection attack recommend that all car makers fix this in their existing models. However, these criminals will continue taking everything they can. The best thing we can do is to try and prevent this by installing security measures that are mechanical like Discloks on our cars and ensuring that they are always parked in well-lit areas that are clearly visible to people passing by.
Blocking the Signal
In a variation of the relay attack that employs a device, thieves can jam the signal sent by key fobs while the vehicle is locked. The device could be found inside the pocket of a burglar in a parking space or in a hiding spot close to the driveway that is being targeted. Owners don't check if the vehicle is locked after pressing the lock button. The device used by the criminal block the signal that locks the car. Therefore, thieves can escape with the car.
The crooks also employ devices to amplify the signal from the key fob to unlock vehicles. They can even accomplish this if the key is in the driver's pocket or hanging from a hook in the home. Once the car is unlocked, they can use a standard diagnostic port or computer hackers to program the blank key fob and gain control of the vehicle.
To guard against this kind of attack, car manufacturers have come up with a range of anti-theft gadgets. But, thieves are read more constantly finding ways to beat these measures.
They've started using devices that transmit at the same frequency as remote keyfobs to intercept signals. The thieves can then copy the key fob's unlock code and then start the car with this fake signal.
This method is particularly popular in the US and Europe where many cars are equipped with wireless technology that allows owners to unlock and start their vehicle using a mobile app from their phones. This technique is likely to increase in popularity as more manufacturers try to connect their cars to their owners' smartphones.
It is important that drivers use best practices to park their vehicles. It is not advisable to leave their keys in the ignition and should always lock the car when not in it. If possible, they should also use a gearstick lock or steering device. They should also think about installing a tracking device to their vehicle in the event that it's stolen.
Flat Battery
This type of attack occurs more often than we think. The thieves employ inexpensive devices that extend the signal from your key fob in order to unlock and start your car even in the event that it is off. They then simply drive the car around a corner or even to a trailer and then drive off with it. It is possible to protect your car from this by installing an interrupter for the starter circuit. Simpler versions have an ON/OFF button that shuts off the circuit. It costs about $15 and is simple to install yourself.
Car thieves are always looking for new ways to enter vehicles and then steal them. The police as well as car manufacturers and insurance companies are always trying to catch up with their strategies and provide better anti-theft systems for modern vehicles. However, that doesn't stop thieves who are able be quick to adapt and find ways to get around the most up-to-date anti-theft systems.
Many thieves jam the signal using devices that operate on the same radio frequency as the fob. They place the device in their pocket or in a location close to their vehicle, and it stops the fob's lock command from reaching the vehicle which leaves it unlocked. This can be accomplished in a matter of minutes. The device is affordable and available online.
Another tactic is to hack the car's computer system. This is more difficult but feasible. Hackers have designed devices that connect to the diagnostic port of all cars and allow them to access the software. They can then program a blank fob to work. It is possible to do this on older vehicles as well however it is more difficult without removing the ignition.
As more vehicles are linked to the phones of drivers the method is likely to become more popular as well. Once a thief has the username and password to a vehicle app they can open or start the vehicle by using the app. You can protect yourself by not putting valuables in your car and also by parking in a garage.