A 19-year-old security researcher and coding enthusiast recently claimed he exposed vulnerabilities in Tesla’s (TSLA) – Get Tesla Inc Report connected keyless entry and driving system by remotely unlocking doors and windows of several cars, tuning into the car stereo, flashing car headlights and even starting their engines to drive.
David Colombo, an information technology security specialist, who runs IT security services company Colombo Technology in Germany said he was able to hack into more than 25 Tesla vehicles in more than 13 countries, earlier this week.
The hack was made possible due to “flaws in a piece of third-party software,” used by Tesla, according to a Bloomberg report.
“It’s Primarily The Owners Fault”
Colombo was able to use sensitive personal information of Tesla owners shared with a third-party software provider. Other additional details were not provided.
Colombo tweeted that he has been in touch with members of Tesla’s security team and the maker of the third-party software.
“Just don’t connect critical stuff to the internet,” Colombo told Bloomberg. “It’s very simple. And if you have to then make sure it is set up securely.”
“It’s primarily the owners (& a third party) fault,” Colombo said in a response to questions from Bloomberg
TheStreet’s request for comment from Colombo remained unanswered at the time of press.
Tesla did not immediately respond to a request for comment.
Not Tesla’s First Brush With Hackers
This is not the first time someone has hacked into Tesla cars.
In 2020, the Autopilot of the Tesla Model X was hacked, multiple times.
In one instance, Israeli researchers at Ben Gurion University tricked the car by flashing “phantom” images on a road, wall or sign, causing it to unexpectedly brake or steer in the wrong direction.
A few months later, Lennert Wouters, a researcher at KU Leuven, “stole” a Tesla Model X in 90 seconds, Wired reported.
Connected Cars Are Vulnerable
Cybersecurity experts have already warned of the vulnerabilities of connected cars.
Almost any digitally connected device in a car could become an entry point to the vehicle’s central communications network, opening a door for hackers to potentially take control by, for instance, disabling the engine or brakes, experts have said.
With the rapid growth of autonomous driving technologies, data security of vehicles is drawing more public concerns than ever before.
By the year 2025, there will be an estimated 470 million vehicles that will be connected to a computerized database – making them ripe targets for cybercriminals.
By that same year, the automotive cybersecurity market is expected to be worth some $4 billion, according to Automotive Cybersecurity Market.
“I got into tech at a very young age, I actually wrote my first piece of code at the age of 10 and since then never stopped progressing. Meanwhile I became an expert in cyber security and you can definitely say it’s my passion”, he wrote.