Tesla Pushes Over-the-Air Software Update after Security Hack

Security hack on Tesla Model S

Moving quickly after a security hack allowed ethical hackers to “get into” a Tesla Model S 75D electric vehicle and control various components, Tesla released an over-the-air software update to prevent such attacks on its electric cars.

Tesla Model S TeslaOS security hack - Keen Security Lab of Tencent
Security Hack in Action – Keen Security Lab

A team of researchers at Keen Security Lab, a subsidiary of Tencent Holdings, one of China’s leading internet value-added services companies, hacked into a Tesla automobile and manipulated the brakes, rearview mirrors and even opened the door without a key.

After months of research, the team that hacked the Tesla Model S posted a YouTube video of their successful security hack attempts, following which Tesla quickly pushed updates to plug the holes in the security system on the TeslaOS that operates many of Tesla’s electric vehicle functions.

The security hacks were done in two ways: one with the hacker sitting in the passenger seat and the other from a distance of 12 miles, or about 19 kilometers. The researchers went to Tesla straight away with their findings, allowing the company to quickly put together a security patch for the current operating system installed in all Tesla vehicles, the TeslaOS 7.

On Monday, Tesla owners woke up to the update and were surprised that it wasn’t the TeslaOS being released after all. The security updates were critical because version 8 is expected to come out soon and Tesla can’t afford to have holes in its security, not when so many functions of the car depend on the operating system in order to work normally.

The incident highlights the dangers of having a connected car, but the risks are minimal since the car would have to be connected to a “malicious WiFi” through which the hacker can gain access.

Tesla released this statement to The Verge after the software update with the security patch:

Within just 10 days of receiving this report, Tesla has already deployed an over-the-air software update (v7.1, 2.36.31) that addresses the potential security issues. The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.

We engage with the security research community to test the security of our products so that we can fix potential vulnerabilities before they result in issues for our customers. We commend the research team behind today’s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research.”

Fortunately for Tesla, ethical hackers are as proactive as malicious hackers. As long as they immediately report security threats to the company, Tesla can quickly put a patch together to eliminate the risk.

If you’re reading this on Apple News, please favorite the 1RedDrop channel to add us to your news feed, or Like our page on Facebook. Please bookmark our site for more insightful articles on current and future technologies that are changing our lives.