Effectually, once the attack is successful, the attacker is able to control the infotainment system,
               instrument cluster screens, unlock the doors from a remote location, open the trunk, fold the
               side mirrors, have the brakes applied while driving, open the sunroof, move the power seats,
               turn on the signaling lights, move the seats in the vehicle, and windshield wipers. Although this
               is not a fatal flaw necessarily, this may be rather annoying.

               Remediation

               This was not an oversight without a potential fix. This was patched over-the-air (OTA) by Tesla
               with v7.1, 2.36.31. Tesla recognized that this vulnerability was significant and pushed the patch
               rather quickly within 10 days. Going forward, Tesla started to use code signing to ensure only
               authorized software, and updates are accepted and implemented.

               Resources
               Abel, R. (2016, September 21). Hackers crack tesla CAN bus, DoT issues policy for securing
               connected car. Retrieved from http://www.scmagzineuk.com/researchers-remotely-hack-tesla-
               firmware-dot-issues-connected-car-guidelines/article/

               Antonelli, R. (2016, September 20). Chinese company hacks tesla car remotely. Retrieved from
               https://www.yahoo.com/news/m/7d421ab3-81ea-3be0-aac7-0b76fb5f2334/Chinese-company-
               hacks-tesla.html

               Baram, M. (2016, September 20). Security researchers hacked a tesla model s, controlling
               brakes, from 12 miles away. Retrieved from https://news/fastcompany.com/security-
               researchers-hacked-a-tesla-model-s-controlling-the-brakes-from-12-miles-away-4019631

               Constantin, L. (2016, September 20). Update: Researchers show off remote attack against tesla
               model s. Retrieved from http://www.computerworld.com/article/3121908/security/researchers-
               show-off-remote-attack-against-tesla-model-s.html

               Coren, M.J. (2016, September 23). It will soon be legal to hack your tesla (and every other car)
               in the US. Retrieved from http://qz.com/788491/it-will-soon-be-legal-to-hack-your-tesla-and-
               every-other-car-in-the-us/

               Ferris, R. (2016, September 20). Chinese company hacks tesla car remotely. Retrieved from
               http://www.cnbc.com/2016/09/20/chinese-company-hacks-tesla-car-remotely.html

               Finkle, J. (2016, September 20). Tesla fixes security bugs after claims of model s hack.
               Retrieved from https://www.yahoo.com/news/tesla-fixes-security-bugs-claims-212130698.html


               Fox-Brewster, T. (2016, September 20). Watch Chinese hackers control tesla’s brakes from 12
               miles away. Retrieved from https://www.forbes.com/sites/thomasbrewster/2016/09/20/keen-
               team-remotely-hack-tesla-cars/#64dedbba3f0c

               Golson, J. (2016, September 19). Car hackers demonstrate wireless attack tesla model s.
               Retrieved from http://www.theverge.com/2016/09/19/12985120/tesla-model-s-hack-vulnerability-
               keen-labs?yptr=yahoo


                  102    Cyber Warnings E-Magazine – August 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.