Advancements in Modern Vehicle Theft

January 5, 2017 | Views: 4210

Your computer environment is safe, but is your vehicle still in the driveway? You may need to check.

Having worked in the automotive security industry, and having witnessed the rise of talks at DefCon now covering vehicle data adaptation, I think now is the time to get forewarned about vehicle security. You know what they say: to be forewarned is to be forearmed.

Here’s a hint… your PC is more secure than your car.

Possible threats:

  • Vehicle key data sniffing
  • Remote unlocking/starting of vehicles
  • Car stolen in under 2 minutes
  • Automotive lockpicks easily purchased online

With legal organizations openly selling software that is meant for automotive locksmiths and military personnel, I will explain what to watch out for.

P.S – Get your tin foil hats guys n girls

Lockpicks have always had, and always will have, a place, but the introduction of “turbo decoders” means your brand new BMW can be opened in less than 1 minute. Oh, and for roughly only $400.

For vehicle keys with proximity functionality (the car opens when you walk up to it), the signal can be transmitted via a booster box, normally placed inside a laptop bag. This requires two people, one within a certain distance of your key and the other within a certain distance of your vehicle. They boost your key's signal, allowing the vehicle to be remotely unlocked and started, normally whilst you sleep in your house or are out shopping in town. Quite scary, often £4000 – £50,000.

Key learning. Keys will always need to be programmed via the dealership, but some manufacturers make it stupidly simple. Yes, you, Range Rover! With equipment emulating the dealer diagnostics, key adaptation can be done within minutes, often requiring only that a key be touched onto the start/stop button. You can purchase OBD blockers, which act as a countermeasure, stopping an attacker's access into the vehicle.

All items can be purchased online, often from Eastern European locations. No sources will be revealed, sorry.

The security of the immobilizer is more often than not integrated within multiple ECUs (control units) fitted to the vehicle. Brute-forcing these systems can be a lengthy process, often requiring time spent waiting to gain entry. The need for speed, and to be gone in 60 seconds, is what has fueled the black market industry with illegal tools. (Notice the puns 😉 )

Key data is stored as hex inside EEPROMs and married to other control units in the vehicle. This hex data often contains rolling codes, which synchronize with the key to authorize starting the vehicle. The main dealer diagnostics jumps straight to the coding procedure, or may possibly even require dealers to order in keys pre-coded to the vehicle data (too much to explain here). Even so, you can now see the issues involved in stealing a car.

Given the right toolset, emulation or adaptation of a blank key can be done more quickly than at the dealership.

I recall the issue of Range Rovers being stolen in major cities. Range Rover modified all their vehicles to counter this method. Yet in the first week of this major software rollout, the hackers had already bypassed this measure. Often the case in cyberspace.
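How a vehicle-side receiver keeps a rolling code in step with the key, as an added sketch that is not from the original post or from any manufacturer's scheme. The truncated HMAC-SHA256, the 16-step window, the class names and the sample secret are all assumptions chosen for illustration.

```python
import hashlib
import hmac

WINDOW = 16  # assumed look-ahead: presses made out of range that the car tolerates

def code_for(secret: bytes, counter: int) -> str:
    """Code for one counter value; truncated HMAC-SHA256 is a stand-in cipher."""
    mac = hmac.new(secret, counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return mac[:8].hex()

class Fob:
    """Key side: advances its counter on every button press."""
    def __init__(self, secret: bytes):
        self.secret, self.counter = secret, 0

    def press(self) -> str:
        self.counter += 1
        return code_for(self.secret, self.counter)

class Receiver:
    """Vehicle side: holds the married secret and the last accepted counter."""
    def __init__(self, secret: bytes):
        self.secret, self.counter = secret, 0

    def verify(self, code: str) -> bool:
        # Only counters ahead of the last accepted one are candidates,
        # so a captured code that was already used can never match again.
        for candidate in range(self.counter + 1, self.counter + WINDOW + 1):
            if hmac.compare_digest(code, code_for(self.secret, candidate)):
                self.counter = candidate  # resynchronise with the key
                return True
        return False

def demo() -> dict:
    secret = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample
    fob, car = Fob(secret), Receiver(secret)
    first = fob.press()
    results = {"fresh": car.verify(first), "replay": car.verify(first)}
    for _ in range(5):           # presses the car never heard
        fob.press()
    results["resync"] = car.verify(fob.press())
    for _ in range(WINDOW + 1):  # drift past the window
        fob.press()
    results["desynced"] = car.verify(fob.press())
    return results

if __name__ == "__main__":
    print(demo())
```

In this sketch a key that drifts beyond the window is rejected until it is paired with the receiver again.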

This only touches the surface of what is out there.

Without wearing your eyes out on my poorly formatted write-up, I encourage you to check out the recent talks of Samy Kamkar and others detailing the security vulnerabilities in vehicles and their CAN-BUS networks.

Drive safe & stay safe, people!

P.S. I hope this introduction to vehicle security encourages you all to take more interest in vehicle security matters. This is my first post to Cybrary, so, gauging the reactions, it may be my last. Lol 🙂

  1. Thanks for the information, another reason to garage your beloved at night

  2. Good read, This is something I’ve been starting to look into more as I realize that almost everything around me has some kind of computer in it, and can be exploited to some degree.

    It always amazes me how Car manufacturers don’t just follow some kind of IAAA standard, If they do please post below.

    This could be done by giving the Purchaser of a new car, a Key card ( Similar to your bank card) But the main difference is that this card Contains some kind of biometric information ( preferably: Finger print or Hand Geometry) The card does not necessarily have to Contain the Actual Image of your Finger or Hand Geometry, Instead when the Key and Card are programmed your “Unique Identifiable Characteristics” are transferred into a hexadecimal format <– giving some sense of security to your personal biometric information.

    The Keycard should Also be the 3rd physical device that needs to be within proximity of the Vehicle for it to start, Possibly even inserted <– we know that Physical Keys can be easily Cut, And Transponders can easily be programmed.
    Normally we need the "Cut Key" and The "Programmed Key (Transponder)"
    However if we were to add another layer to this and say: the Keycard has to be in Proximity of the ECU for the ECU to transmit a message to the Transponder and Vice Versa.

    – This means for the Vehicle to be stolen the Owner of the Vehicle would need to lose possession of The Key, and the Keycard.(Keep Keycard In Wallet) – Lose wallet they can't take the Car – Lose Keys – They can't take the car.

    – Keycard ( SmartCard) needs to be in proximity of Both the ECU and transponder to Unlock Biometric information

    -This would render the , as the Chip is useless without the Card.

    -This would remove "Remote Unlocking" from the Vehicle, One Door will need to be unlocked and the rest with the CLS ( Central Locking System)

    -Another Option is To Implement some kind of Synchronous Token Device where The event is based off the ignition or time between ignition attempts. ( how do we change it if we lose the device?)

    – A Phone could be used as a Synchronous device( Again how do we change it, if we were to lose the phone)

    -A Challenge response could even be used, if Manufacturers would Implement a small keypad/Screen, This could be used in conjunction with the Token Device – Where the Challenge is sent to the Token device which is used as a "Display" for the Owner ( Keep on Car Keyring) and the response is typed into the Keypad/ Screen in the Vehicle

    I Know that these methods are likely Impracticable for Most Manufacturers to be implementing into their models, for starters it would be extremely expensive for them to implement any 1 of the mentioned above, None of the above "Access Controls" really account for Human Error anyway
    (If you keep all of your information on your Keyring or in your wallet <– you have a single point of failure)

    – there is still some doubt in my mind that even if ALL of the above ideas were implemented into a single Vehicle that it may not be any more secure. More moving parts = More room for exploitation ( Smart Cards, Memory Cards, are very insecure and often misplaced/dropped) ( Transponders are also Insecure and work on RFID signals, with the right knowledge you could easily send a signal to the Transponder and receive the response it would normally give to the vehicle)

    – Implementation of any one of these methods increases the amount of Random objects the owner needs to carry around and look after.

    I do not believe we will see many major changes in this security anytime soon, possibly with Smart cars – the vehicle may be able to identify the Driver using some kind of scanning where the Driver is likely to have a Mobile phone and the car may be able to identify them through means of communicating to the phone ( like authentication? )

    – Most of these Controls are too expensive and Impracticable for non-luxury vehicles, due to the cost of implementing any one of them.

  3. You gave us the tips on what the thief can do! Now give us some ideas to prevent this.

    • Other than installing an OBD blocker, which is pretty pointless in my opinion, there isn’t any way to stop this.

      It applies to all car brands, and sadly is unstoppable as of writing.

      Dealers need a way to code keys, hackers just exploit this.
      Every car must by law have a physical lock on at least one door. So lockpicks will always work, regardless of car.

      Sad truth, but nothing can be done.

  4. Excellent work, thank you very informative.

  5. Your valuables are still safer locked in your car on the street than with Internet banking.
