Sign In

Communications of the ACM

ACM News

Teen Cyber Prodigy Stumbled Onto Flaw Letting Him Hijack Teslas

View as: Print Mobile App Share:
David Colombo.

David Colombo,above, said he found more than 25 Teslas in 13 countries throughout Europe and North America that were vulnerable to attack, and that subsequent analysis indicated there could have been hundreds more.

Credit: David Colombo

David Colombo, a 19-year-old cybersecurity researcher in Germany, came upon the biggest discovery of his young career by accident.

He was performing a security audit for a French company when he noticed something unusual: a software program on the company's network that exposed all the data about the chief technology officer's Tesla Inc. vehicle. The data included a full history of where the car had been driven and its precise location at that moment.

But that wasn't all. As Colombo dug deeper he realized that he could push commands to Tesla vehicles whose owners were using the program. That capability enabled him to hijack some functions on those cars, including opening and closing the doors, turning up the music and disabling security features. (He couldn't take over the cars' steering, braking or other operations, however.)

The discovery, which Colombo published on Twitter this week, triggered a vigorous discussion online as the latest example of hacking risks associated with the so-called Internet of Things, where seemingly every product -- from refrigerators to doorbells -- now have an internet connection.

From Bloomberg
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account