Exploit in Bluetooth Technology Leaves Tesla and Other EVs Open to Hackers

Keyless-entry devices could be susceptible to cyber attacks due to a vulnerability in Bluetooth technology.
Written by Allison Stone
Reviewed by Kathleen Flear
Much like the rest of our devices,
electric cars
are attempting to create a more seamless user experience through integrated, cloud-based technology. Using
keyless entry
on a Tesla, for example, sure is convenient, but cybersecurity experts have had concerns about this feature in particular since its inception. 
Technically any vehicular feature that connects to an internet network is susceptible to hacking, but for a hacker to be able to access keyless entry is a devastating security risk.

The latest exploit in electric cars

According to
, Sultan Qasim Khan recently discovered what he had suspected all along—that an effective hack on Tesla Model 3 and Model Y cars would allow a thief to not only unlock and enter a vehicle but to start it and drive away. Khan is a principal security consultant at the Manchester, UK-based firm NCC Group.
Khan stated that the hack, which redirects communications between the car owner’s mobile device, key fob, and the car, would allow hackers to trick the car into thinking the owner was nearby.
 It is not only Tesla vehicles that are susceptible either, but any vehicle that uses Bluetooth Low Energy (BLE) protocol could theoretically be at risk. 
Let Jerry find your price in only 45 seconds
No spam · No long forms · No fees
Find insurance savings

Should Tesla owners be concerned about hackers?

Khan presented his findings to Tesla, but company officials didn’t seem too concerned. This isn’t the first time this potential risk has been reported to
, either. 
Just earlier this year, a 19-year-old cybersecurity researcher David Colombo managed to gain access to dozens of Teslas across the world. In this experiment, Colombo claimed that he was able to remotely run commands through a security flaw in an open-source logging tool called TeslaMate
Colombo also immediately alerted Tesla’s security team about the flaw, and they quickly rolled out a patch to address the issue. Khan’s findings, however, pose a more complex issue with a more difficult solution. 

Convenience over security

BLE protocol is great for conveniently linking devices together over an internet connection, but according to Khan, it remains one of the biggest security risks that electric carmakers have overlooked. 
NCC group claimed that it was able to successfully hack other carmakers' and technology companies’ devices through this methodology. 
Khan even demonstrated a potential attack for Bloomberg, with technology and equipment that can be easily accessed online and doesn’t cost more than a few hundred dollars at most. Within seconds, Khan was able to remotely unlock the car
A 2019 study by a British consumer group had similar findings, concluding that more than 200 car models were susceptible to keyless theft. 
It seems unlikely that automakers will move away from using keyless or Bluetooth technology, but a representative at Bluetooth SIG told Bloomberg that security was at the forefront of its mission. 
“The Bluetooth Special Interest Group (SIG) prioritizes security and the specifications include a collection of features that provide product developers the tools they need to secure communications between Bluetooth devices,” said the representative.
Are you overpaying for car insurance?
Compare quotes and find out in 45 seconds.
Try Jerry

Easiest way to compare and buy car insurance

No long forms
No spam or unwanted phone calls
Quotes from top insurance companies
Find insurance savings