Consumer Watchdog Hacks A Tesla to Prove Dangers of Wirelessly Connected Cars

Published on

Los Angeles, CA – The nonprofit, nonpartisan Consumer  Watchdog today released a video showing how a box it built with the help of technologists could hack into the wireless connection of a Tesla and take over the screen with a “This Tesla’s Been Hacked” message.  

The video can be viewed here: https://youtu.be/RgpmJ6OhPns

The group said the demonstration showed how vulnerable the wireless connection in the cars is– by amplifying the signal it could work on many vehicles simultaneously, a large scale hack.  Once in control of the screen, a hacker could suggest malware be downloaded, potentially giving them access to the car’s operation and control over the vehicle, or otherwise sabotage the car.

Consumer Watchdog released the video in conjunction with its new report, “Connected Car Report 2020: The Models Most Open To Hacks,” in which it reviews the “Hack 10” of top selling cars.

Read the report here: https://www.consumerwatchdog.org/sites/default/files/2020-11/Connected%20Car%20Report%20v8%20compress.pdf

The report finds all of Car and Driver’s top 10 best-selling cars for 2020 clearly have features that allow wireless connectivity with safety critical systems and no known way to disconnect those systems. This leaves the vehicles vulnerable to an unprecedented, large-scale hack.

“The 2020 fleet is wired for remote start options that connect to safety critical systems wirelessly and leave these cars vulnerable to fleet wide hacks,” said Jamie Court, president of Consumer Watchdog. “The remote start capability is accessed through the same digital systems that control steering, acceleration, and braking — potentially giving hackers control over those as well. Automakers acknowledge to their shareholders that their designs are very vulnerable to malicious hacks at the same time as they promote their wireless start features to the public as a panacea. If Consumer Watchdog can hack a Tesla’s wireless connection from outside the vehicle imagine what mischief a hostile foreign actor could do with exponentially more resources.”

To prepare its “Connected Car Report 2020,” Consumer Watchdog reviewed technical specifications and surveyed dozens of sales departments and service technicians at major car manufacturers.

The nonprofit group found that many dealership employees misrepresented that the safety-critical systems of top selling models are linked online and the dangers of such connections.  None of the cars came with an apparent method to disconnect the car from the wireless connection.

When safety critical systems – brakes, engine, steering – are connected wirelessly there is the possibility of that connection being hacked on a fleet-wide basis. This danger is outlined in Consumer Watchdog’s previous report, “Kill Switch: Why Connected Cars Can Be Killing Machines and How To Turn Them Off.” 

The group reserved its grand prize of “Most Hackable Car” for Tesla based on its history of hacks, outlined in the “Connected Car Report.”

For example, in July 2017, Tesla CEO Elon Musk professed that the biggest danger of autonomous car technology was a “fleet wide hack.” In August 2020, it was reported that just months before that 2017 statement Tesla had faced a fleet wide hack, but failed to reveal it to the public or regulators. Instead, it paid the discoverer of the problem to kept the incident quiet.  Read the story at https://electrek.co/2020/08/27/tesla-hack-control-over-entire-fleet/

The company also faced a series of hacks by Keen Labs, a prolific hacker group based in China.

Unlike “white hat” hackers that disclose their findings privately to the company in exchange for payments, called bug bounties, Consumer Watchdog did not contact Tesla about the vulnerability it found.   The consumer group said that the point of the hack was to show that Tesla’s failure to commit to security by design puts the public at risk and it should have to face that fact in the light of public scrutiny.

Tesla has dismantled its North American public relations department and does not even have a liaison to the public to address safety concerns.

Consumer Watchdog tweeted at Elon Musk “Hey Elon. Hacked your Tesla. Can you figure out how?”

“Elon Musk will either figure out how we hacked the Tesla and patch the problem or he can drive his Tesla down to our office and we will show him how we did it in person on his car,” said Court. “The point is that Tesla’s system is insecure by design and puts the public at risk.  Musk and the car industry need to pay attention to the risks.  As we say in the video, we could have amplified the signal and performed the same hack on many Teslas simultaneously. It is inherently dangerous to have unsecured wireless connections to safety critical systems in cars.”

-30-

Jamie Court
Jamie Court
Consumer Watchdog's President and Chairman of the Board is an award-winning and nationally recognized consumer advocate. The author of three books, he has led dozens of campaigns to reform insurance companies, financial institutions, energy companies, political accountability and health care companies.
Latest Privacy Videos
Video thumbnail
KCAL-LA - Los Angeles, CA: Personal Data Used To Target Shoppers
06:36
Video thumbnail
KCBA (FOX) - Monterey, CA: CA Bill Aims To Put An End To Surveillance Price Gouging
00:55
Video thumbnail
KLAS-LV (CBS) - Las Vegas, NV: Surveillance Pricing
00:46
Video thumbnail
KIRO-SEA (CBS) - Seattle, WA: CA Lawmakers Consider Bill On Price Gouging
00:51
Video thumbnail
AB 446 Press Conference
13:52
Video thumbnail
Consumer Alert: Surveillance Pricing
02:07
Video thumbnail
KTTV-LA (FOX) - Los Angeles, CA: Prices Are being Adjusted Based On Your Shopping Habits
03:42
Video thumbnail
KTVU-SF (FOX) - San Francisco, CA: Surveillance Price Gouging
05:49
Video thumbnail
KCAL-LA - Los Angeles, CA: Surveilance Price Gouging
03:17
Video thumbnail
KBCW 44 Cable 12 - San Francisco, CA: Meta Holiday Hack
03:25
Video thumbnail
KTVU-SF (FOX) - San Francisco, CA: Several Tech Bills Head To Governor's Desk
06:12
Video thumbnail
Al Jazeera: Google antitrust law trial US court says google is a monopolist, violated law
02:16
Video thumbnail
Consumer Alert — National Data Breach
01:24
Video thumbnail
KTVU-SF (FOX) - San Francisco, CA: Calm App, Doordash Software Sued For Data Sharing
05:40
Video thumbnail
Consumer Alert: No Opt Out
00:49
Video thumbnail
KCAL-LA - Los Angeles, CA: Investigation Into California's Newborn DNA Database
03:39
Video thumbnail
Consumer Alert: Data Parasites
02:07
Video thumbnail
KCBS - Los Angeles, CA: California Biobank Stores Every Baby's DNA; Parents Had No Idea
04:26
Video thumbnail
Consumer Alert: Wall Street using AI
01:48
Video thumbnail
KCBA (FOX) CA: Clearview AI Is Creating An AI Facial Recognition Software That Violates Privacy Laws
00:35
Video thumbnail
KGO CA: Consumer Watchdog Calls Attorney General to Investigate Clearview AI For Violating State Law
03:06
Video thumbnail
KNTV-SF (NBC) - San Francisco, CA: Tesla Recalls Millions of Cars
02:29
Video thumbnail
Consumer Alert: Clearview AI
01:19
Video thumbnail
Californians Now Have More Power Over Their Data
01:07
Video thumbnail
KPIX CBS TV-5 San Francisco, CA: Your Car's Computer Could Be Tracking And Reporting Your Every Move
00:48
Video thumbnail
California Votes YES on Privacy- Prop 24
13:14
Video thumbnail
Rage For Justice Report Podcast- Prop 24 For Your Privacy
19:18
Video thumbnail
Consumer Watchdog Hacks Tesla
02:00
Video thumbnail
FOX KSWB: New Internet-Connected Cars Could Get Hacked
01:05
Video thumbnail
ABC: Kill Switch Report Highlights Widespread Hacking Vulnerability of Connected Cars
02:12
Video thumbnail
KTTV FOX: Consumer Watchdog Report Warns That Hackers Can Take Over Your Car
05:02
Video thumbnail
SPECNEWS1: Watchdog Warns Cars With Internet Connection Vulnerable to Hacking
00:37
Video thumbnail
KBCW: Connected Cars Pose Risk to Driver Safety Due to Hacking Vulnerability
02:31
Video thumbnail
ABC KGO: Whistleblower Engineers Warn Connected Cars Need A Kill Switch to Stop Hacking
02:10
Video thumbnail
KCAL: Alarming Watchdog Report Shows Connected Cars Are Vulnerable to Hacking
02:51
Video thumbnail
ABC KGTV: Report Says Internet-Linked Cars Are Vulnerable To Hackers
00:30
Video thumbnail
KTTV Fox 11: Consumer Watchdog Report Shows How Vulnerable Connected Cars Are To Dangerous Hacking
01:05
Video thumbnail
NBC: Watchdog Report Show Connected Cars Lack of Cybersecurity Put Drivers at Risk
03:38
Video thumbnail
CBS KGPE: Connected Cars Pose A Cybersecurity Risk
03:05
Video thumbnail
Fox WDAF: High-Tech Cars Put Drivers At Risk Of Hacking Interference
00:47
Video thumbnail
ABC WXYZ: Connected Cars Can Be Hacked Says Kill Switch Report
01:36
Video thumbnail
KTTV GDLA: US Senators Write NHTSA About Connected Car Concerns
01:17
Video thumbnail
FOX KPTV: Kill Switch Report Details Cybersecurity Issues With Internet Connected Cars
02:28
Video thumbnail
CBS LA: Kill Switch Study Finds Connected Cars Are Vulnerable to Hacking
01:41
Video thumbnail
FOX KTTV: Consumer Watchdog on Privacy Issues, Hacking Risks With Internet-Connected Toys
03:00
Video thumbnail
CBS Evening News With Norah O'Donnell: Jamie Court Explains the Value of CA's Consumer Privacy Act
02:04
Video thumbnail
WAFF TV-48 Alabama: Watchdog Report Highlights Car-Hacking Risks
03:16
Video thumbnail
ABC KFSN: Internet-Connected Vehicles At Risk Of Being Hacked Says New Watchdog Report
00:33
Video thumbnail
KPIX CBS: Connected Cars Need A Kill Switch To Stop Dangerous Hacking
02:31
Video thumbnail
KCAL: Kill Switch Report Warns of Hacking Risk For Connected Cars
01:29

Privacy In The News

Latest Privacy Report

Support Consumer Watchdog

Subscribe to our newsletter

To be updated with all the latest news, press releases and special reports.