Cars Being Stolen With Keyless Entry
If car owners leave their keys on the table or near their doors, they may not realize that they are allowing thieves to steal their signal. This relay attack is a high-tech technique used by criminals to steal keyless vehicles.
Keyless ignition vehicles emit a low power radio signal that is used to locate a matching fob. If the signal is recorded and recreated, it could be used to unlock the car and begin it up.
Relay Attack
Imagine your car being parked safely in the driveway, with the key fob tucked away in your home. You might think that your car is secure but sophisticated thieves are planning a heist, without you knowing. Instead of slamming windows or jiggling locks, these thieves are using technology to gain access to cars through digital cracks in their armor. Known as relay theft, it's a more common way to steal cars that have keyless entry.
Cars with keyless entry are designed to operate using signals that are transmitted from the remote control (RF) transmitter to the owner's key fob. To prevent unauthorized keyless entry the RF transmitters inside the key fob and in the car are programmed to only activate when they're within a certain distance of each other. However, thieves are able to overcome this limitation using a technique called the 'relay attack'.
To do so two people work in tandem one is positioned by the car and uses an instrument that records an electronic version of the key fob's signal. The other person, who is at the owner's home, uses a second gadget to transmit the signal from the key fob back to the car. This trick tricks the car into believing the key fob is at the distance needed to allow it to be opened and started the vehicle.
In the past, this kind of heist required expensive equipment in order to execute. You can now buy an inexpensive relay transmitter online and carry out a heist within minutes. This is the reason why car thieves love it.
While certain cars are less susceptible to this kind of theft than others, all modern vehicles with keyless entry are at risk. Researchers have tested 237 popular cars and found that every one of them can be stolen using this method.
Tesla vehicles are believed to be less vulnerable to this kind of theft. However Tesla hasn't yet implemented UWB technologies that would allow it to conduct distance checks and prevent relay attacks. The company has promised to implement this feature in the near future, but until then they are vulnerable. Installing an anti-theft system that guards your car and your keys against such attacks is a proactive method to ensure the security of your vehicle.
CAN Injection Attack
Modern cars can guard themselves from thieves by sending encrypted messages to the key in order to confirm its authenticity. The system is thought to be secure, but criminals have found ways to circumvent it. They can impersonate the smart key, and send messages to the car, letting it unlock the doors, turn off its engine immobilizer, and let them go on their way. To do that, they get access to the smart key's internal communication network.
Most cars today are equipped with between 20 and over 200 electronic control units, also known as ECUs, that manage various aspects of the vehicle's operation. They communicate through an electronic network known as CAN bus. To reduce power consumption, these ECUs are put into a low-power sleep mode that's activated when they receive a wake up frame. These frames are typically sent from the door or smart key receiver ECU. However, these messages aren't always encrypted or authenticated so they could be snatched by criminals using a cheap and simple device.
They search for a spot where they can connect directly to the wires of the CAN connection. They are usually hidden in the headlights or in the front of the car, and are accessible by pulling the bumper off and cutting holes in the headlamp assembly to expose them. The criminals then employ a device dubbed a CAN injection attacker to send out fake messages that can trick the car's security systems into unlocking it and disengaging the engine immobilizer.
These devices are available for purchase on the Dark Web, and work for all major car manufacturers which include BMW, Cadillac, Chrysler, Fiat, Ford, Honda, Hyundai, Jaguar, Jeep, Lexus, Nissan, Renault, Toyota, Volkswagen, Maserati, and more. The researchers who discovered this CAN Injection attack are recommending that all car makers address the issue in their current models, but the reality is that these thieves will continue to grab whatever they can get their hands on. We can stop this from happening by installing mechanical security measures like Discloks in every car we own and parking them in well-lit, well-lit areas.
Blocking the Signal
In a variation of the relay attack that uses a gadget that is able to block the signal sent by the key fob when the vehicle is locked. The device could be in the pocket or hiding place of a thief on the parking lot, or near the driveway being targeted. Once the owners hit the button to lock their fobs and walk away and leave, they don't have to think about whether or not their car is really read more locked. Instead, thieves can escape with the vehicle because the signal that normally locks the car has been blocked by the device of the criminal.
They also use devices that amplify signals from the key fob to unlock vehicles. They can do this when the key is in the pocket of the driver or hanging from a hook in the home. After the car is unlocked, hackers can make use of the standard diagnostic port to program an unlocked fob.
To safeguard against this kind of attack, car manufacturers have developed a variety of anti-theft devices. However, thieves are always looking for ways to defeat these measures.
For instance, they've been using devices that transmit on the same frequency as remote key fobs in order to intercept their signals. The thieves copy the unlock code from the key fob and begin the vehicle with this fake signal.
This method is especially popular in the US where a lot of cars come with wireless technology. Owners can unlock and start their vehicle using a mobile application on their smartphone. This technology will likely be more commonplace as more car manufacturers attempt to connect their vehicles with their owners phones.
It is important that drivers use best practices to park their cars. It is not advisable to leave the keys in ignition and lock the car when not in it. If possible they should also utilize a steering or gearstick locking device. They should also think about having a tracking device fitted to their car in case it is stolen.
Flat Battery
This kind of attack is more frequent than people think. The thieves use inexpensive devices that extend the signal from your key fob in order to unlock and start your car when it's off. They then simply drive the car around the corner or even to a trailer and then drive off with it. It would be possible to shield your vehicle from this by installing an interrupter for the starter circuit. Simpler versions come with an ON/OFF button that interrupts the circuit. It costs around $15 and is easy to install.
Car thieves are always trying new ways to get into vehicles and then steal them. Police, car manufacturers and insurance companies are always trying to stay on top of the latest tactics and provide better anti theft systems for modern vehicles. But this doesn't stop thieves who can easily adapt and find ways to circumvent the latest anti-theft technology.
Many thieves block the signal with devices that use the same radio frequency as the fob. The device is tucked away in the pocket or close by the vehicle and blocks the fob from transmitting the lock command to the car. This can be done in minutes. The device is inexpensive and is available on the internet.
Hacking the computer system of the car is an alternative option. This is more difficult but it is still feasible. All cars have a diagnostic port, and hackers have designed devices that plug into them and allow them access the software in the car. They can then program the fob with blank code to function. It is possible to do this on older vehicles also however it is more difficult without taking out the ignition.
This technique could be more popular if more vehicles are connected with drivers' phones. Once a thief gets the username and password for the vehicle app and then they can unlock the car or start it using the app on their phone. It is possible to protect yourself from these types of attacks by not putting valuables in your car and putting it in a garage or secured parking lot.