This became known to the public after the NCC Group company uploaded a video to Reuters, in which one of the researchers, Sultan Qasim Khan, can be seen conducting a vulnerability test on the security system of the Tesla Inc vehicle’s digital lock application.
Qasim Khan easily cracked the bluetooth technology on a digital lock, just by using a small relay device attached to a laptop. The device is used to connect hacker accounts with Tesla drivers’ cellphone owners.
After the two devices are connected, then the relay device manipulates the bluetooth so that the system cannot track the whereabouts of the hacker.
For information, most of Tesla Inc’s vehicle products are designed using the Bluetooth Low Energy (BLE) protocol, this system allows users to be able to control the car using only a cellphone.
Although it offers sophistication for users, the weak security system embedded in BLE makes it easy for hackers to break into and drive a vehicle. This is certainly detrimental to Tesla car users.
Shortly after testing the vulnerability, the NCC Group immediately sent a security risk report to the Tesla company.
Prior to the trial of this security system, Tesla Inc’s vehicles had also experienced a similar case, to be precise in early 2020. Where a researcher Lennert Wouters, carried out a break-in on a Tesla model X, by exploiting two weak points, namely the keyfob and the Bluetooth system.
From the various cases above, the CEO of the NCC Group appealed to the Tesla company to improve the security system on the BLE protocol embedded in their vehicles, so that Tesla vehicle users can avoid the risk of dangerous break-ins.