Cars Being Stolen With Keyless Entry
If car owners leave their keys on the table or near their doors, they may not realize that they are allowing thieves to hijack their signal. This relay attack is just one of the latest techniques criminals are using to steal brand new keyless vehicles.
All keyless ignition vehicles emit a low power radio signal to locate an appropriate fob. If the signal can be recorded and recreated, it can be used unlock the car and to start it.
Relay Attack
Imagine your car being parked safely in the driveway, and the key fob tucked away inside your home. You're sure that your car is safe, but unnoticed by you, sophisticated thieves are plotting a heist. Instead of slamming windows or jiggling locks, these thieves are using technology to hack into cars via digital chinks in their armor. This method of stealing cars with keyless access is known as relay theft.
The keyless entry system found in cars is controlled by a signal sent by the car's RF transmitter to the key fob. To ensure that keyless entry is not unauthorized, the RF transmitters in the key fob and in the car are programmed to only activate when they're within a certain distance from each other. However, thieves are able to bypass this limitation with an attack known as the'relay attack'.
Two people are required to do this: one person is near the car and utilizes a device to capture a digitalized version of the signal from the key fob. The other, in the vicinity of the owner's house is using a different device to transmit the key fob's signal down to the car. This trick tricks the car into thinking the key fob is close enough to allow it to unlock and begin the engine.
This type of attack was once a costly process that required expensive equipment. However, now you can purchase relay transmitters for low cost online and conduct a heist in minutes. This is the reason car thieves love it.
All modern vehicles with keyless access are at risk. Certain cars are more vulnerable to this type of attack than others. Researchers have tested 237 of the most popular automobiles and found that all of them could be taken through this method.
Tesla cars are said to be less susceptible to this type of theft, but the company hasn't yet implemented UWB features that would effectively perform distance checks on the car's signal to stop relay attacks. The company has stated that they will do so in the future, but until then they are still vulnerable. That is why it's important to be proactive about your car security and install an anti-theft tool which protects your keys as well as your the car from such attacks.
CAN Injection Attack
Modern cars are designed to guard themselves from theft by exchanging cryptographic data with the key to prove it's authentic. The system is thought to be secure, however criminals have found ways to circumvent it. They pretend to be the smart key, then send messages to the vehicle, and then drive away. To accomplish this, they have access to the smart keys' internal communication network.
Most cars today are equipped with between 20 and 200 electronic control units, also known as ECUs, which control various aspects of the vehicle's operation. They communicate via the CAN bus network. To keep power consumption low the ECUs go into sleep mode with low power that is activated when they receive a 'wake up frame. These frames are usually sent from the door or smart key receiver ECU. However they aren't always encrypted or authenticated and, therefore, can be intercepted by criminals who have a low-cost and basic device.
To do this, they look for a spot that allows them to connect directly to the CAN bus wires. They are usually hidden in the headlights or in front of the car, and are accessible by pulling the bumper off and cutting holes in the headlamp assembly to expose the wires. The criminals then employ a device known as an CAN injection attacker, which is used to send fake messages which trick the car's security systems into unlocking it and disengaging the engine immobilizer.
These devices are available for purchase on the Dark Web, and work for the majority of major car manufacturers, including BMW, Cadillac, Chrysler, Fiat, Ford, Honda, Hyundai, Jaguar, Jeep, Lexus, Nissan, Renault, Toyota, Volkswagen, Maserati, and many more. Researchers who have discovered the CAN Injection attack recommend that all car makers fix the issue in their current models. However, the thieves will continue taking any opportunity they can. We can stop this by installing mechanical security measures such as Discloks in all of our cars and parking them in well-lit and visible areas.
Blocking the Signal
In a variation of the relay attack, which makes use of a device, thieves can jam the signal from key fobs while the car is locked. The device could be found in the pocket or in the hiding where a burglar is hiding on a parking lot, or even near the driveway being targeted. Once owners press the button to lock their fobs, and then walk away, they don't think about whether or not the car is really locked. The device of the crook blocks the signal that locks the car. Therefore, thieves could leave the vehicle.
They also have devices that amplify signals from the key fob to unlock vehicles. The crooks can do this even when the key is in the driver's pocket, or hanging from an outside hook in the home. When the car is unlocked, they can make use of an ordinary diagnostic port or computer hacker to program the blank key fob and gain control over the vehicle.
To protect against this type of attack, car makers have come up with a range of anti-theft devices. But thieves always find ways to defeat these measures.
For example, they've started using devices that transmit on the same frequency as remote key fobs to intercept their signals. The crooks can then copy the unlock code of the key fob and then start the car with this fake signal.
This technique is particularly popular in the US in which many vehicles come with wireless technology. Owners can start and unlock their car using a mobile application from their mobile. This technology is likely to become more popular as more and more manufacturers try to connect their vehicles to their owners' smartphones.
It is crucial that drivers use best practices when parking their vehicles. They shouldn't leave their key fobs in the ignition, should always ensure that the car is securely locked when they're not in it and should use the steering wheel or a gearstick lock, if it is possible. It is also recommended to consider having a tracking device fitted to their vehicle in the event that it is stolen.
Flat Battery
This kind of attack occurs more often than people realize. The thieves employ inexpensive devices that extend the signal from your key fob in order to unlock and start your car even if it is off. They then drive the car around a corner or onto a trailer to leave with it. Installing a starter circuit interruption switch would protect your car against this. Simpler versions come with an ON/OFF button that interrupts the circuit. It's about $15 and is easy enough to put in yourself.
Car thieves are always looking for new ways to enter vehicles and take them away. Car manufacturers, police and insurance companies are always trying to stay abreast of the latest techniques and offer better anti theft systems for modern vehicles. However, this does not stop thieves who are able to easily adapt and find ways to bypass the latest anti theft measures.
For example, many criminals employ a device that works on the same radio frequency as the fob in order to block the signal. They place the device in their pockets or in a location close to their vehicle, and it stops the fob's lock signal from reaching the vehicle and thereby leaving it unlocked. This can be accomplished in a matter of minutes. The device is inexpensive and readily available on the internet.
Hacking the computer system of the car is another option. This is more difficult, but possible. Hackers have created devices that connect to here the diagnostic port of all vehicles and permit them to connect to the software. From there, they can program a blank key fob and get it to work. It is possible to do this on older vehicles also, but it's more difficult without taking out the ignition.
As more vehicles are linked to the phones of drivers, this method may become more popular as well. Once a burglar has gained the username and password to an app for vehicles they are able to open the car or get it started using the app on their phone. It is possible to be safe from these kinds of attacks by not putting valuables in your car, and then parking it in a secure garage or parking lot.