Researchers discovered that hackers could track Tesla vehicles and disrupt their communications by exploiting cellular network weaknesses. The vulnerabilities stem from modem components shared by most modern connected cars.
A study from Northeastern University found that hackers could use fake cell towers to track Tesla Model 3 and Cybertruck vehicles, intercept data, and force them into less secure operating modes. The research highlights security risks affecting all modern connected cars.
Professor Aanjhan Ranganathan from Northeastern’s Khoury College of Computer Science led the study with cybersecurity doctoral students Evangelos Bitsikas and Jason Veara. Consumer Reports loaned the 2024 Tesla vehicles to the researchers for testing.
READ ALSO: https://modernmechanics24.com/post/high-emission-waste-to-fertiliser/
Modern cars maintain persistent cellular connections for remote diagnostics, software updates and app communications. Unlike smartphones, owners cannot monitor or disable these connections. “The most important takeaway is understanding that modern vehicles are always-on networked devices that you cannot control or monitor,” Ranganathan said.
Hackers can use devices called “IMSI catchers” that mimic cell towers to connect to vehicles. Every phone or car has a unique International Mobile Subscriber Identity number. When devices first go online or reattach to networks, fake towers can capture these numbers and track locations.
The attacks don’t give hackers remote control of steering or brakes, but they can track vehicle movements, intercept data sent to Tesla servers, spam emergency systems with fake alerts, and cause denial-of-service attacks that disconnect cars from the internet entirely.
Tesla is not uniquely vulnerable. The issues stem from cellular modems made by Qualcomm and Quectel—components used by most automakers. “The problem is pretty much applicable to all modern connected cars,” Ranganathan said. Tesla acknowledged the weaknesses come from third-party suppliers.
WATCH ALSO: https://modernmechanics24.com/post/china-sets-maglev-700kmh-record/
Researchers shared their findings with Tesla, which has not commented publicly. Potential fixes include upgrading to 5G with stronger identity protection and eliminating insecure 2G and 3G fallbacks. For consumers, the takeaway is simple: “When you buy a connected car, you’re accepting a cellular connection that you cannot turn off,” Ranganathan said.
