Chinese hackers take command of Tesla Model S
Security firm Qihoo 360 says hackers gained control of some Tesla Model S functions -- but skimps on details of how the car was hacked.
The first documented successful hack of a Tesla Model S has come from China, Chinese security giant Qihoo 360 Security Technology announced Thursday.
The hackers were attempting to win $10,000 in prize money at a kick-off event during the SyScan +360 security conference, which is co-sponsored by Qihoo. They were able to gain remote control of the car's door locks, headlights, wipers, sunroof, and horn, Qihoo 360 said on its social networking Sina Weibo account. The security firm declined to reveal details at this point about how the hack was accomplished, although one report indicated that the hackers cracked the six-digit code for the Model S' mobile app.
The Sina Weibo post warned Tesla drivers to "be careful" when driving in the rain, to avoid becoming a "drowned rat" in case the sunroof suddenly opens.
Qihoo 360 said it reported the hack to Tesla and offered to work with the automaker to fix the vulnerability.
"While Tesla is not associated with the conference and is not a sponsor of the competition, we support the idea of providing an environment in which responsible security researchers can help identify potential vulnerabilities," the company said in a statement. "We hope that the security researchers will act responsibly and in good faith."
Independent security expert Charlie Miller, who has done extensive research into car hacking, said it was too early to tell what kind of risks Tesla owners faced from this hack. He added that he wasn't surprised someone had hacked the Model S.
"I don't think a lot of people realize that the systems that provide Bluetooth connections or navigation maps or your radio, have the ability to control physical aspects of our cars, like locks, speedometer, even braking and turning," Miller said. As cars have relied more heavily on computers over time, "now we're trying to figure out how to deal with this in light of the fact that we don't know how to secure computers."