Tesla Model S Vulnerable to Cyber Attacks

Tesla has been constantly updating their Model S ever since this was released, with the company learning from the various issues arising. The latest example of this is fitting the car with a titanium underbody protection element for the battery. Well, it appears that the time has come for Tesla to up the ante on the digital security front, with a recent research indicating the Model S is vulnerable to various threats.
Tesla Model S dashboard 1 photo
Photo: Tesla
The report comes from Nitesh Dhanjani, a corporate security consultant and hacking book author, who also happens to be a Tesla owner. He seems to have found a few gaps in the vehicle’s security system, albeit adding that the car’s main systems do not come with any security issues.

To put it shortly, the Tesla Model S could be unlocked by a hacker, since the operation is possible using wireless Internet access. If someone manages to crack or steal a password, that person can track down the vehicle or get inside it. Nonetheless, the Tesla Model S requires a key to start, so potential thieves could not start the vehicle.

It all starts with the first step of the ordering process, which requires customers to create an account secured via a six-character password. This offers access to a mobile app used to locate, lock/unlock and monitor the Model S’ features.

The problem here is that this is a static six-character password, something that’s not particularly difficult to get around for those in the know. For instance, a thief could simply guess the password, as Tesla’s website doesn’t have a limit for incorrect login attempts. What’s more, the password is vulnerable through the user’s email accounts.

"It's a big issue where a $100,000 car should be relying on a six-character static password," Dhanjani said.

Another issue was found with the fact that the Tesla customer service has the power to remotely unlock cars. The various background checks required to maintain such a system safe are not known to the Tesla users, with Dhanjani being concerned about the potential cracks in the system.

Moreover, Tesla’s mobile app has become a source for 3rd party developments, which could thus gain access to the car. Dhanjani has already submitted his report to Telsa, and you can see the Model S cyber security research here.
If you liked the article, please follow us:  Google News icon Google News Youtube Instagram X (Twitter)
About the author: Andrei Tutu
Andrei Tutu profile photo

In his quest to bring you the most impressive automotive creations, Andrei relies on learning as a superpower. There's quite a bit of room in the garage that is this aficionado's heart, so factory-condition classics and widebody contraptions with turbos poking through the hood can peacefully coexist.
Full profile


Would you like AUTOEVOLUTION to send you notifications?

You will only receive our top stories