It was reported last month that UK vehicle theft has increased 20% in recent years, and recent evidence suggests that a new computerised ‘relay’ style attack could explain the spike.
Thieves are now harnessing sophisticated technology that allows them to hack into your car’s computer. This means they don’t even need a key-fob to start the vehicle, and can drive it away in a matter of minutes.
The most at risk are cars that use keyless fobs, as well as ‘connected cars’ . In other words those that use internet to access maps, travel info and music – basically anything with an internet-enabled infotainment system.
How does it work?
A relay attack usually involves two people working together. One stands by the targeted vehicle, while the other stands near the house with a device that can pick up a signal from the key fob. What’s more, some devices can pick up a signal from over 100 metres away.
The device then relays the key fob’s signal directly to the car, allowing the thieves to get in and drive away immediately. Researchers for Germany’s ADAC discovered that some brands are more at risk than others, with BMW and Peugeot systems being particularly easy to hack.
But the team also managed to unlock a Toyota Prius, Ford Focus and Volkswagen Golf, showing that no one particular manufacturer is immune to this new kind of crime. The video above shows examples of thieves employing the ‘relay’ technique.
Andy Barrs, head of police liaison at security firm Tracker, said: “As relay attacks become even more prevalent, owners need to protect themselves, particularly since criminal gangs are routinely using relay devices to exploit weaknesses in keyless security systems across a broad range of manufacturers.
“These tools are readily available on the internet for as little as £80 and thefts typically occur in residential areas, where cars are parked relatively close to the house, especially at night.
“It’s worth remembering that technology is just one part of vehicle security and more vigilance needs to be taken across the board; this includes car owners, manufacturers, dealers, insurers and the police.”
What’s being done?
The government has released new guidelines for car makers that will soon have to provide more security as cars get ever-more advanced. But it’s not just aimed at reducing theft; it’s part of the Autonomous and Electric Vehicles Bill, which will create a framework to insure autonomous vehicles.
The stricter guidelines also aim to reduce the risk of hackers accessing personal data or, as we get closer and closer to self-driving cars, take over the vehicle and cause accidents.
With autonomous cars purportedly only a few years away, the government wants to make cars as safe and secure as possible in the face of cyber criminals.
Transport minister Lord Callanan said: “We need to make sure that the designs of the vehicles in the first place are completely cyber secure so that people can’t break into them, they can’t steal them and more importantly they can’t hack them to potentially cause accidents.”
He added: “The advice would be treat them as you would your computer; be careful who you give access to, don’t plug in devices such as USB sticks that you don’t know the origin of.”
What can you do to protect your car today?
One way to stop thieves getting hold of your key fob’s signal is to put it in a Faraday cage, which completely blocks any electronic signals. Unless you have one of these lying around however, the next best thing could be your fridge!
However, the best deterrent is probably a good old-fashioned steering lock. With all the technology in the world, thieves are still likely to be put off by a solid metal bar running through the steering wheel.
Have you been a victim of ‘relay’ car theft? What do you think the best solution is? Let us know in the comments below.