Cars Being Stolen With Keyless Entry
Car owners who leave their keys on tables or near their front doors could be giving thieves the ability to take over the signal. This relay attack is a high-tech method criminals use to steal keys from new vehicles.
Keyless ignition vehicles emit a low-power radio signal that is used to locate a matching fob. If the signal is captured and recreated it can be used to unlock the car and then start it up.
Relay Attack
Picture your car parked securely in the driveway, and the key fob safely inside your home. You may be confident that your vehicle is secure however, sophisticated thieves are planning to steal your car without you even knowing. Instead of slamming windows and jiggling locks, they are using technology to hack into cars via digital cracks in their armor. This method of stealing vehicles with keyless access is known as relay theft.
The keyless entry system in cars is controlled by a signal by the car's radio transmitter to the key fob. To prevent keyless entry by unauthorized individuals the RF transmitters that are on the key fob and the car are programmed to activate when they are within a specific distance from each other. However, thieves are able to bypass this limitation with a technique called the 'relay attack'.
Two people are required to complete this: one person is close to the car and uses a device to capture digitally the signal from the key fob. The other, in the vicinity of the home of the owner and using a second device to send the key fob signal back down to the car. This trick tricks the car into thinking the key fob is close enough to unlock and start the engine.
In the past, this type of heist required expensive equipment to perform. You can now buy a relay transmitter for a small price on the internet and complete a heist within minutes. This is why it's so popular among car thieves.
While some cars are less susceptible to this kind of theft than others, all modern vehicles that have keyless entry are vulnerable. Researchers have tested 237 popular cars and found that every one of them can be stolen through this method.
Tesla vehicles are supposedly less vulnerable to this type of theft, however the company hasn't yet implemented UWB features that would effectively perform distance checks on the car's signal to stop relay attacks. The company has said it will make this happen in the near future, but until then they are still vulnerable. Installing an anti-theft device that protects both your car keys and your keys against these types of attacks is a proactive way to ensure the security of your vehicle.
CAN Injection Attack
Modern vehicles are designed to shield themselves from thieves by transferring cryptographic messages using the key to prove it's authentic. The system is generally believed to be secure, but thieves have found a way to circumvent it. They can impersonate the smart key and send other messages to the car, letting it unlock the doors, turn off its engine immobilizer, and then go on their way. To do this they have access to the smart key's internal communication network.
Nowadays, the majority of cars are fitted with between 20 to 200 electronic control units (or ECUs) that manage different aspects of the car's operation. They communicate with each other via the CAN bus. These ECUs are put into a low power sleep mode to decrease their power consumption. This mode is activated when ECUs receive an "wake up" frame. These frames are typically sent by the ECU that is in charge of the smart key or door. However they aren't always authenticated or encrypted and, therefore, can be intercepted by criminals using a cheap and simple device.
To do this, they look for a place where they can connect directly to the CAN bus wires. They are usually hidden in the headlights or in other areas of the front of the vehicle. To get them, you must pull the bumper and cut holes in the headlamp assemblies. The criminals then employ a device known as an CAN injection attacker, which is used to send fake messages that can trick the car's security systems into unlocking it and disengaging the engine immobilizer.
These devices are for purchase on the Dark Web, and work for most of the major car makers, including BMW, Cadillac, Chrysler, Fiat, Ford, Honda, Hyundai, Jaguar, Jeep, Lexus, Nissan, Renault, Toyota, Volkswagen, Maserati, and more. The researchers who discovered this CAN Injection attack are recommending that all car makers address it in their existing models, but the reality is that these thieves will continue to steal whatever they can get their hands on. We can prevent this by implementing mechanical safety measures, such as Discloks inside every car we own and parking them in well-lit, visible areas.
The Signal is blocked
In a variant of the relay attack, which employs a device, thieves can jam the signal sent by a key fob while the car is locked. The device could be inside the pocket of a burglar in a parking area or in a hideout near the driveway that is being targeted. The owners don't know if the vehicle is locked when they press the lock button. Instead, thieves can escape with the vehicle since the signal that normally locks the car has been blocked by the device of the criminal.
The crooks also employ devices to amplify the signal from the key fob to unlock vehicles. The crooks can do this even if the key is in a driver's pocket or hanging from an outside hook in the home. After the car has been unlocked, they can use the standard diagnostic port or computer hacker to program a blank key fob and gain control of the vehicle.
To safeguard against this kind of attack, car makers have developed a variety of anti-theft gadgets. But thieves always find ways to defeat these measures.
For instance, they've been using devices that transmit on the same radio frequency as remote key fobs to intercept their signals. The crooks then copy the key fob's unlock code and then start the car using this fake signal.
This technique is particularly popular in the US where a lot of cars have wireless technology. Owners can start and unlock their car through a mobile application on their phone. This technology will likely become more popular as more manufacturers try to connect their vehicles with their owners phones.
In addition to installing anti-theft technologies in vehicles, it's important for drivers to use the best practices when they park their vehicles. It is not a good idea to leave keys in the ignition, and should always ensure that the vehicle is locked completely when they're not in it and should make use of an engine or steering wheel lock if possible. It is also recommended to consider installing a tracking device to their vehicle in the event that it's stolen.
Flat Battery
This kind of attack is more frequent than most people realize. The thieves use low-cost devices that increase the signal from your key fob to unlock and start your car, even in the event that it is off. Then, they drive the car to the trailer or around a corner, and take it away. Installing an interrupter switch for the starter circuit would protect your car against this. The most basic ones have an ON/OFF switch that interrupts the starter circuit. It costs around $15 and is easy to install.
Car thieves are always looking for new ways to gain access to vehicles and steal them. Car manufacturers, police and insurance companies are always trying to stay on top of the latest tactics and provide more effective anti-theft systems for car stolen keys left in car modern vehicles. But this does not stop thieves who are able to easily adapt and find ways around the most recent anti-theft measures.
Many thieves jam the signal by using devices that use the same radio frequency as the fob. They place the device in their pocket or somewhere near their vehicle, and it blocks the fob's lock command from reaching the vehicle which leaves the vehicle unlocked. This can be done within seconds. The device is inexpensive and can be purchased on the internet.
Another option is to hack into the car's computer system. This is more difficult but it is still feasible. Hackers have created devices that connect to the diagnostic port of all cars and allow them to connect to the software. They can then program the fob with blank code to function. It is possible to do this on older cars too but it's more difficult without removing the ignition.
As more vehicles are connected to the phones of drivers, this method may be more popular. Once a burglar has the username and password to an application for vehicles, they can unlock or start the vehicle using the app. You can protect yourself by not leaving valuables inside your car, and also by parking in garages.