Tesla says update for security flaws found by hackers sentReprints
(Reuters) — Tesla Motors Inc. on Thursday said it has sent a software patch to address security flaws in the Tesla Model S sedan that could allow hackers to take control of the vehicle.
The Financial Times reported on Thursday that cyber security researchers said they had taken control of a Model S and turned it off at low speed, one of six significant flaws they found that could allow hackers to take control of the vehicle,
Tesla confirmed elements of the story and said it already has issued a software patch to owners.
Kevin Mahaffey, chief technology officer of cyber security firm Lookout Inc., and Marc Rogers, principal security researcher at Cloudflare Inc., said they decided to hack a Tesla car because the company has a reputation for understanding software that is better than that of most automakers, the FT said.
"We shut the car down when it was driving initially at a low speed of five miles per hour," the newspaper quoted Rogers as saying. "All the screens go black, the music turns off and the handbrake comes on, lurching it to a stop."
Tesla said it had developed and deployed an over-the-air update to Model S owners to address the "vulnerabilities."
In a statement, Tesla said the hackers did not turn off the car remotely, but from inside the vehicle.
"Our security team works closely with the security research community to ensure that we continue to protect our systems against vulnerabilities by constantly stress-testing, validating, and updating our safeguards," the automaker said.
The hack will be detailed at cyber security conference Def Con in Las Vegas on Friday, the FT said.
The hack on Tesla follows a similar attack on Fiat Chrysler's Jeep Cherokee last month that prompted the company to recall 1.4 million vehicles in the United States.