Cars Being Stolen With Keyless Entry
Car owners who toss their keys on tables or near their front doors may be unwittingly giving thieves the ability to take over the signal. This relay attack is one of the advanced methods criminals are employing to steal new keyless cars.
All keyless ignition cars emit an low-power radio signal that is in search of a fob to respond. If the signal is captured and recreated, it can be used to unlock the car and then start it up.
Relay Attack
Imagine your car safely parked in the driveway, and the key fob safely in your home. You're confident that your vehicle is safe, but unnoticed by you sophisticated thieves are planning an attack. Instead of breaking windows or jimmying locks, thieves are leveraging technology to gain access to cars through digital cracks in their armor. This method of stealing vehicles with keyless access is known as relay theft.
The keyless entry system found in cars is controlled by a signal by the car's RF transmitter to the key fob. To ensure that keyless entry is not unauthorized, the RF transmitters in the key fob as well as in the car are programmed to only be activated when they're within certain distance of each other. The thief can circumvent this limitation using a technique known as the relay-attack.
To accomplish this, two people work together One stands near the car with a device that captures an electronic version of the key fob's signal. The other who is at home with the owner is using a second device to transmit the signal from the key fob back to the car. This trick tricks the car into believing the key fob is at a distance sufficient to unlock and start the vehicle.
In the past, this type of attack required expensive equipment to carry out. You can now buy a relay transmitter for a small price on the internet and complete an heist in a matter of minutes. This is the reason car thieves are enthralled by it.
All modern vehicles with keys are at risk. Some cars are more vulnerable to this type than others. Researchers have examined 237 well-known automobiles and found that all of them could be taken by this method.
Tesla vehicles are believed to be less vulnerable to this kind of theft. However, the company hasn't yet implemented UWB technology to allow it to conduct distance checks and stop attacks via relay. The company has said it will do so in the future, but until then they are vulnerable. Installing an anti-theft device that safeguards your car and your keys against these types of attacks is a proactive approach to ensure the security of your vehicle.
CAN Injection Attack
Modern cars are designed to protect themselves from theft by transferring cryptographic messages using the key to prove it's authentic. This system is generally reckoned to be secure, but criminals have found a way around it. They simply impersonate the smart key and send messages to the car letting it unlock the doors, turn off its engine immobilizer, and let them leave the car. To achieve this, they need access to the smart keys' internal communication network.
These days, most cars are equipped with between 20 to 200 electronic control units (or ECUs) which control different aspects of the car's operation. They communicate with each other using the CAN bus. These ECUs enter a low-power sleep mode to lower their power consumption. This mode is activated when ECUs receive an "wake up" frame. These frames are usually sent by the ECU that is in charge of the smart key or door. However, these messages aren't always authenticated or encrypted so they could be snatched by criminals with a cheap and simple device.
They search for a spot where they can connect directly to the wires for CAN connection. They usually are hidden in the headlights or in other places in the front of the vehicle. To gain access to them, you need to remove the bumper and cut holes in the headlamp assemblies. The criminals then employ a device dubbed an CAN injection attacker to send fake messages that fool the security systems of the car into unlocking it and disengaging the engine immobilizer.
These devices are available for sale on the Dark Web, and work for all major car manufacturers, including BMW, Cadillac, Chrysler, Fiat, Ford, Honda, Hyundai, Jaguar, Jeep, Lexus, Nissan, Renault, Toyota, Volkswagen, Maserati, and many more. Researchers who have discovered the CAN Injection attack recommend that all car makers address this in their existing models. However, these criminals will continue taking whatever they can. We can stop this by implementing mechanical safety measures such as Discloks in all our vehicles and parking them in well-lit, visible areas.
Jamming the Signal
In a different variation of the relay attack, thieves could use a gadget to jam the signal that is sent by an electronic key fob if the vehicle is locked. The device could be found in the pocket or hiding where a burglar is hiding on an open parking lot or in the driveway that is being targeted. When owners hit the lock button on their fobs and walk away they don't consider whether or not their car is actually locks. The device of the crook blocks the signal that locks the vehicle. Therefore, thieves could escape with the car.
The crooks also use devices to amplify the signal from the key fob to unlock vehicles. They can do this when the key is in the driver's pocket or hanging from a hook in the house. Once the car has been unlocked, hackers can make use of the standard diagnostic port to program a blank fob.
To guard against this kind of attack, car manufacturers have developed a variety of anti-theft gadgets. But, thieves are constantly finding ways to beat these measures.
They've begun using devices that transmit at the same frequency as remote keyfobs to intercept signals. The crooks can then copy the key fob's unlock code and then start the car with this fake signal.
This method is especially popular in the US, where many cars are equipped with wireless technology. Owners can unlock and start their vehicle using a mobile application on their smartphone. This technology is likely to gain popularity as more and more companies attempt to link their vehicles to their owners' smartphones.
In addition to implementing anti-theft systems in vehicles, it's important for drivers to use the best practices when parking their vehicles. It is not a good idea to leave keys in the ignition. They should always ensure that the car is securely locked when they're not using it and should utilize the steering wheel or a gearstick lock, if it is possible. They should also consider installing a tracking device to their car in case it is stolen.
Flat Battery
This kind of attack occurs more often than people realize. Thieves make use of cheap devices to extend the signal from your key fob to unlock and begin a car even when it's turned off. Then they drive the vehicle to an unmarked trailer or around a corner, and take the car away. Installing a starter circuit interruption switch will protect your vehicle from this. Simpler versions include an ON/OFF button which interrupts the circuit. It's about $15 and is simple enough to put in yourself.
Car thieves are always trying new ways to gain access to vehicles and then steal them. Police, car manufacturers and insurance companies are constantly trying to stay abreast of the latest methods and offer better anti-theft systems for modern vehicles. However, this isn't stopping thieves who be quick to adapt and find ways to read more circumvent the latest anti-theft technology.
For example, many thieves use devices that operate on the same frequency as the fob to block the signal. The device is tucked away in the pocket or close by the vehicle and prevents the fob from sending the lock command to the car. This can be accomplished in a matter of seconds. The device is inexpensive and can be purchased online.
Another tactic is to hack into the car's computer system. This is harder but still possible. Hackers have developed devices that plug into the diagnostic port of all vehicles and allow them to connect to the software. They can then program an unfinished fob to work. It is possible to do this on older cars also however it is more difficult if you remove the ignition.
This method is likely to be more popular if more vehicles are connected with drivers' mobile phones. Once a criminal has access to the username and password to an application for vehicles, they can unlock or start the vehicle by using the app. You can help be safe from these kinds of attacks by not putting valuables in your car and putting it in a garage or secure parking lot.