OnStar Hacked, Tesla Hacked, Chrysler Hacked, Next?

Hackers take control of GM's OnStar system and a Tesla Model S, all in the name of research.

Posted in News

— Fiat Chrysler has been making the news lately after the media went wild with news of a Jeep Cherokee that was controlled by two hackers sitting in a basement. What followed was the recall of 1.4 million Fiat Chrysler vehicles, and semi-investigations opened by the National Highway Traffic Safety Administration (NHTSA).

While not calling them official investigations, NHTSA uses the labels "recall query" and "equipment query" to describe the government probe into Chrysler vehicles and Harmon Kardon radios. The Harmon infotainment systems are under the microscope because they are used in the recalled vehicles and it's through those systems the hackers gained access.

Not wanting Fiat Chrysler to be the focus of the party, hackers have been busy toying with GM's OnStar system and the inner workings of a Tesla Model S. However, there wasn't anything for the average driver to fear from these specific hackers as they are of the "white-hat" variety, the people who hack into systems and use the results to convince companies to close security loopholes.

Tesla Model S

Tesla Motors is known for its futuristic electronics including the ability to send over-the-air updates to cars. Those updates will come in handy as two security researchers say they found six security openings in the Tesla Model S.

Kevin Mahaffey and Marc Rogers said specific details of the hack will be made public at a hacker conference, but it's known this wasn't an off-the-wall job. The researchers had direct access to a Model S for two years that allowed them to study the car.

They learned to get into the system from the outside wasn't extremely easy and as such, they had to connect into the car using an Ethernet cable. Once that was complete, remote access could occur at any time the researchers wanted which allowed the hackers to control the speedometer reading, locks, digital viewing screens and windows.

The electronic invaders also controlled the speed of the car but the Tesla Model S was prepared. The Model S is manufactured to shift into neutral if the car is traveling above 5 mph and loses power. A sudden loss of power would also activate a hand brake and all the steering, braking and airbag systems will still be functional.

Tesla owners have nothing to worry about from the hack because the automaker already developed a patch to block the security holes. Tesla has already sent the update remotely where an owner only has to click a button to update their car.

OnStar from GM

Security researcher and hacker Samy Kamkar decided to see what the OnStar system is made of and from that venture was born the "OwnStar" hacking device. Kankar posted a video (below) describing how to unlock, start and track a General Motors car equipped with OnStar.

Kamkar says the problem is the software used by OnStar and once the system can be exploited, a hacker can have control indefinitely. However, Kamkar said gaining access to a car wouldn't be magic because a hacker would need to be physically close to a user when the OnStar app is opened.

It's not the first time OnStar has been hacked. Early in 2015, the U.S. Department of Defense said it hacked into the OnStar system of a Chevy Impala and took control of the car.