Remote keyless entry for vehicles has been around since the late 80′s and is now so common it is a standard feature on almost every new car sold in the United States today. When remote operated electric door locks first debuted they were hailed as a modern marvel of safety and convenience. Prospective buyers were told that would never forget to lock their car doors again and that remote devices would allow them to conveniently lock and unlock their cars from a distance. The feature was touted as a timesaver along with remote trunk locks that made it easy to put stuff in your car without having to put everything down to unlock or trunk first.
However, now it appears the safety and convenience of remote door locks is not without a small consequence that until now had been overlooked by most car owners and manufacturers alike. The consequence is that remote door locks can make car theft a clean and simple task for thieves with a bit of technological savvy.
A recent study conducted by researchers at ETH Zurich, a security firm based in Switzerland, now has shown that encrypted signals from car lock remotes are alarmingly easy to intercept and hack into. The ETH group tested 10 car models from eight different manufacturers equipped with both keyless entry and keyless ignition systems, all controlled through a single wireless keychain-mounted remote control device. The bad news is that all10 cars were easily hacked into and driven away without any forced entry necessary.
Anything with an electronic circuit is subject to hacking and it was only a matter of time before today’s generation of computer hackers turned their attention toward the keyless entry systems found in most modern automobiles. Not only was it easy for the ETH team to hack into the wireless systems, it was also surprisingly cheap. The researchers were able to rig up a working system of antennas and simple circuits using materials that cost about $50, well within the budget of any car-theft-minded hacker.
The ETH researchers set up dual-antenna systems to intercept signals from the cars to the keys and trick the cars into unlocking themselves. Once the signal is transmitted, the car can be unlocked, started and driven away in an instant. Cars with traditional ignition keys cannot be hack-started of course, but many newer ignition systems today are electronic and very vulnerable to this method of attack. The ETH test hack also worked regardless of the type of encryption the different manufacturers used to communicate between cars and keys.
The team at ETH did not reveal the brands or models of cars that were hacked but the simple fact that the crude hack did work on ten different cars from eight different manufacturers clearly shows that most keyless entry and ignition systems on the market are probably at equal risk. The only way to protect against the electronic hack is to shield your keychain transmitter remote with some sort of guard that prevents the signal from being transmitted its maximum distance. Anxious car owners could also install a manual starter switch that can be simply switched off to stop all signal transmissions in the first place.