Computerized cars and standardized interfaces have been a boon for auto mechanics worldwide — but they also have helped high-tech car thieves.
Two recent British cases show just how simple it is for crafty criminals to jack into a car's on-board diagnostics port and access the security software in order to make off with the vehicle.
(A little background information: All cars built since the mid-1990s have standard "OBD-II" ports for diagnostic tools.
Most vehicles now come with keys with built-in radio receivers that communicate with the car's dashboard to prevent theft, as well as remote-control systems that can lock and unlock the car from a short distance. Many luxury models also come with proximity keyless ignition systems that can start the car as long as a remote control is inside the vehicle.
North American keys and keyless unlocking and ignition systems must be taken to legitimate dealerships for reprogramming, but in Europe, regional anti-monopoly laws mandate that any mechanic can reprogram them.)
Automotive identity theft
A three-man gang would first scan the Internet for descriptions of Audis, BMWs or Range Rovers that had recently been exported from Britain to the former British Mediterranean colony of Cyprus, prosecutors told Southwark Crown Court in south London.
The gang's designated car thief would hang around commercial parking lots in London and the neighboring county of Essex, waiting for vehicles of the same make and model to pull in.
As the lawful driver left the targeted vehicle, the thief would use a jamming device to block the locking signal transmitted from the driver's remote keyless system.
The driver would think the car had locked itself — presumably the lights would flash normally — but the vehicle was in fact still unlocked.
The thief would hop into the car — but he wouldn't steal it right away.
Instead, he used a computerized diagnostic tool, common among auto mechanics and easily available online, to plug into the car's computer and read and save the codes associated with its high-tech key.
The thief attached a secret GPS tracker to the vehicle — and then locked it and left it where it was.
Back at the base, the gang's ringleader used the stolen security codes to clone a new key, and used the downloaded details of the exported cars to create a stolen identity for the vehicle.
Then the gang would use the GPS device to track the targeted car around London until an opportune time came to steal it using the cloned key.
Since the cars' new records would match those of legitimate vehicles that were no longer in Britain, it was relatively easy to sell the stolen cars on the open market.
Alan Watkins of Witham, Essex, east of London, and two accomplices recently pleaded guilty to various charges related to the scheme. Watkins was sentenced to 8 years in prison, according to Britain's InfoSecurity magazine.
The second case is more anecdotal, but entirely plausible. A surveillance video posted on YouTube purports to show car thieves breaking into a parked BMW by smashing a hole in the driver-side window, reaching into the car and jacking into the OBD-II port mounted in the footwell.
The thieves then use a commercially available tool to reprogram a blank key to match the car. Three other videos posted online, two of which appear to be from Eastern Europe, show that reprogramming BMW blank keys can take less than a minute.
At the end of the surveillance video, the thieves simply push the BMW out of the driveway silently, then presumably start it once out of earshot and drive off.
"BMW has been at the forefront of vehicle security for many years and is constantly pushing the boundaries of the latest defence systems," a BMW UK spokesman told the automotive blog Jalopnik in a story posted on July 6. "We are aware of recent claims that criminal gangs are targeting premium vehicles from a variety of manufacturers. This is an area under investigation."
Copyright 2012 SecurityNewsDaily, a TechMediaNetwork company. All rights reserved.