Hackers have cracked security on devices designed to stop thieves hot-wiring almost every modern car, with every major make of immobiliser defeated, it can be revealed.
The Independent reported on 18 August that the immobiliser fitted to more than 100 car makes had weaknesses which made it vulnerable to thieves. Details of the security lapses in the Megamos Crypto system was highlighted two years after they were first discovered because Volkswagen took legal action to block publication.
It can also be revealed that the three other immobiliser systems used by almost every major car firm have similar weaknesses, which mean thieves can override security.
In 2005, US researchers broke the security of one made by US firm Texas Instruments. To crack the security, used extensively in many Ford models, they said they used inexpensive off-the-shelf tools with minimal expertise. They concluded the protection afforded by the device was “relatively weak.” One US security system, said to be used by at least 34 car makers and fitted in more than 200 different models, was defeated in less than six minutes.
It is thought that, while these systems are still in use, car manufacturers have also continually tried to update security, but the hackers are one step ahead. Now so-called “white hat” hackers are used by car companies to help them create better protection.
All cars made in Europe must have an electronic immobiliser fitted by law, but experts have warned that cars where the ignition key has been removed and replaced by a start button are particularly prone to being stolen. In such vehicles the immobiliser transponder is the only anti-theft mechanism.
The researchers who revealed the Megamos loophole said they were surprised to find the security chips use relatively simple encryption. If someone can listen to them talk to each other – twice was all it took – they were able to discover the pattern. The key is then easily copied and the car stolen. The researchers – Birmingham University’s Flavio Garcia and Roel Verdult and Baris Ege, from Radbound University in Nijmegan, Netherlands – recommend the industry uses more sophisticated systems. “It is surprising the industry is reluctant to migrate [to such transponders] considering the cost difference of a better chip in relation to high-end car models.”
They were also critical of the industry’s reluctance to acknowledge security problems. They claim the approach of “security through obscurity” – the belief that if the flaws are not known then they will be harder to find – is failing.
“We wish to reinforce the timeworn but often neglected message that “security through obscurity” is generally ineffective in widely fielded cryptographic systems.”
Earlier this year, Chrysler recalled 1.4 million Jeeps after hackers demonstrated they could take control of safety features on the vehicle. A spokesman for the Society of Motor Manufacturers and Traders said: “Vehicle manufacturers invest billions of pounds to keep vehicles as secure as possible, and work tirelessly to stay one step ahead of criminals.
“As a result, overall thefts in the UK have decreased by more than 75 per cent over the past 10 years and continue to fall.”Reuse content