Bought a Volkswagen in the last 20 years? It can probably be unlocked by hackers
Almost 100 million cars made by Volkswagen are vulnerable to numerous hacks that could let thieves unlock them remotely through a wireless signal, security researchers have revealed.
The "worrying" flaws in the cryptography of the physical keys have been around since the 1990s, and could be used to unlock millions of cars and drive them away.
The two flaws in Volkswagen's keyless entry software are present in almost every car Volkswagen has sold since 1995, according to the researchers at the University of Birmingham, including models from Audi, Ford, Fiat, Skoda, Citroen and Peugeot.
All an attacker requires to exploit them and unlock the cars is a radio that can be made for £30 with a small control board and a radio receiver.
One of the vulnerabilities is in Volkswagen's computer system, which could allow a thief to steal the car without the owner and key being nearby, unlike with similar key fob attacks.
The researchers managed to reverse engineer a part of Volkswagen's network and get hold of a cryptographic key that is shared with millions of Volkswagen cars. Using the radio, they could then intercept the unique signal given off by each car's key fob that together could be used to clone the key, access the car and drive it away.
As with the key fob interception hack, the researchers need to be within 91m of the car in question. It also requires the right cryptographic key from Volkswagen's network that applies to that model and year of vehicle.
If criminals were able to reproduce the hack, tens of millions of cars could be at risk. Only the most recent Volkswagen Golf 7, which introduced a new locking system, and other cars with the same system are safe.
In the second attack the researchers managed to use the radio device to rapidly read a string of the coded signals given off by a driver's key fob in order to crack the cryptography and mimick the key. The researchers decried Volkswagen's use of this kind of cyptography in its keys.
While the researchers didn't test every Volkswagen model from the last two decades, they said it is possible that all Volkswagen cars that use "constant-key" technology, apart from some Audi models, are susceptible.
Experts in the security industry described the news as "extremely dangerous" and urged car manufacturers to think about cybersecurity when developing new cars and software products.
"It's time to turn to the car manufacturers to ask what on each they are going to do to fix the millions of potentially vulnerable vehicles they have sold in the last couple of decades," said security expert Graham Cluley.
This isn't the first Volkswagen vulnerability that the researchers have published. Back in 2013 they discovered a way to start Volkswagen cars' ignitions, but had to withhold the research for two years because Volkswagen threatened to sue them.
The researchers are now going to investigate if the attack has been used by criminals in the real world.
What to do if you think your car is at risk
It's up to the manufacturers to create a fix for the flaws, but this could take a long time, according to the researchers.
In the mean time the best thing to do if you own one of the affected cars is to make sure you don't leave any valuables in your vehicle. You could also trade in your wireless key fob for a traditional mechanical key.
Richard Kirk, senior vice president at security company Alien Vault, advised: "Car owners should apply the same rules that they follow, or should be following, for their computers and smartphones. Use hard to guess passwords, do not share passwords and do not give anyone access to your car app or portal account."
You could also try storing your key in a "faraday cage", designed to block radio signals, or a freezer.