Share
News

Auto Thieves Have Now Figured Out How to Steal Cars Through the Headlights - Here's How They Do It

Share

Technology-savvy thieves have come up with a new way to steal your car.

The theft involves hacking into the computer system of a modern vehicle through a car’s headlight module, according to MSN’s Autoblog.

That spot is chosen because going through the headlights is a simple way to gain entry to what is called the CAN bus system, which is how all the technology in a vehicle communicates.

The headlights are a target because, in the current configuration of vehicles, there is a connector from the headlights to the CAN bus (think of the CAN bus as the central nervous system of the vehicle).

If a thief can get access from the bumper, then the thief can tap into the wiring that connects the headlights to the main communication network and control the vehicle.

Trending:
WSJ Reporter Sentenced to 16 Years in Prison, Employer Calls It a 'Disgraceful, Sham Conviction'

Ken Tindell, chief technical officer of Canis Automotive Labs, wrote about how the theft takes place in a blog post.

“Modern cars are protected against thefts by using a smart key that talks to the car and exchanges cryptographic messages so that the key proves to the car that it’s genuine,” he wrote.

Does having more computerized cars make you worry about their vulnerabilities?

“This messaging scheme is generally reckoned to be secure and can’t be broken without huge resources (of the type only a nation state has). But thieves don’t attack the hard part: they find a weakness and work around it,” he wrote.

Tindell noted that one of the more common ways to attack the system has been to essentially hack the key fob used for remote entry and starting. Publicity over that technique led to countermeasures from owners and car makers.

“Faced with this defeat but being unwilling to give up a lucrative activity, thieves moved to a new way around the security: by-passing the entire smart key system,” he wrote.

He said in this new technique, thieves “get into the car’s internal communication” and then “inject fake messages as if from the smart key receiver, essentially messages saying ‘Key validated, unlock immobilizer.’”

“In most cars on the road today, these internal messages aren’t protected: the receivers simply trust them,” he wrote.

Related:
Major Manufacturer Issues Warning to Owners of 24,000 Hybrid Vehicles: Park Outside

Tindell said that a fake JBL speaker with about $10 in components is sold on the dark web and is able to perform the thievery.

As of now, Autoblog noted that the best defense is the time it takes to get into the wiring. A thief would need a private area to work without interruption.

Tindell said the problem can be solved, but not to expect a solution any time soon.

“[C]ar makers have learned over the years to act carefully when making changes to vehicle systems: what appears to be quick and simple often turns out to not be, and even a simple fix requires extensive testing to make sure there are no unintended consequences. So it will take some time to implement this,” he wrote.

Truth and Accuracy

Submit a Correction →



We are committed to truth and accuracy in all of our journalism. Read our editorial standards.

Tags:
, , , ,
Share
Jack Davis is a freelance writer who joined The Western Journal in July 2015 and chronicled the campaign that saw President Donald Trump elected. Since then, he has written extensively for The Western Journal on the Trump administration as well as foreign policy and military issues.
Jack Davis is a freelance writer who joined The Western Journal in July 2015 and chronicled the campaign that saw President Donald Trump elected. Since then, he has written extensively for The Western Journal on the Trump administration as well as foreign policy and military issues.
Jack can be reached at jackwritings1@gmail.com.
Location
New York City
Languages Spoken
English
Topics of Expertise
Politics, Foreign Policy, Military & Defense Issues




Conversation