Tag Archives: Relay Station Attack

How secure is your new car?

Car manufacturers regularly introduce new features to make our motoring lives easier and more secure. However in recent week, vulnerabilities have emerged that highlight potential dangers of smart car connectivity.

As reported by The Register, a vulnerability was discovered affecting BMW cars allowing an attacker to open doors and windows via a weakness in the My BMW Remote smartphone app.

BMW have reportedly deployed a software patch for all affected models remotely, but it is worth double-checking with your dealer to make sure it has been applied.

Worryingly, this type of vulnerability is not new.  Keyless entry systems for cars built within the last decade have increasingly come under attack, and exploits only get more sophisticated over time.

In 2011, Swiss security researchers from ETH Zurich University conducted experiments covering 10 cars from different manufacturers and found serious flaws that could allow someone to open the doors and start the engine of your car using a “relay station attack”.

 

Relay Attack

Image courtesy of Wikipedia

 

The research demonstrated that some modern cars using a “Passive Keyless Entry System” (PKES), where you don’t need to insert a key into the car to start it, could be stolen by using a trick to amplify the radio signal transmitted by your keyless remote.

When you park your car at night, where do you leave your keys?  I’ll be placing mine inside a lead box from now on – or taking the battery out!  And let’s hope the car manufacturers eventually get it right in the meantime.

Until next time, stay safe out there.