Thousands of cars left vulnerable to hacking by thieves using wireless transmitters

Cars Credit: Ford/Citroen/Hyundai

Thousands of cars are an "easy target," for thieves using technology to hack their key-less entry systems, a report from consumer group Which? suggests.

99% of cars tested by the German General Automobile Club (ADAC) were found to be vulnerable to the flaw, enabling criminals to unlock cars and drive them away.

It tested 237 models key-less entry models, finding that 230 of them could be easily hacked within a few minutes. Among those tested include some of the UK's most popular models; Ford, Volkswagen and Nissan.

How can thieves break into my car and how can I stop them doing so?

Thieves are able to target cars with wireless entry and driving systems by using technology in what's known as a Relay Attack. The success of the hacking relies on car owners leaving their keys in a location where thieves can use devices to bounce the signals further than they would normally reach.

When the car picks up the wireless signal transmitted by the unlocking fob, it is then possible to unlock the car and drive it away.

Footage released in 2017 by West Midlands Police shows how thieves used the technique to target cars vulnerable to the flaw.

It took just nine seconds for them to break into a high-end car before driving it away.

Which? advises using a steering wheel lock to prevent your vehicle from being stolen; models accredited by the police security initiative Secured By Design are harder for thieves to break and cost around £120.

It also suggests keeping your car key out of sight and reach of thieves using the devices to hack cars. If your car is parked on your driveway at the front of your house, consider keeping your key away from the front door of your property, Which? says.

Another recommendation comes in the form of keeping your wireless key in a metal box to stop the signals from being transmitted. This method was endorsed by Ford, which tests found had 10 models vulnerable to attack.

Is my car affected by the hack?

Models affected include those from major manufacturers, the results of the testing were released by the German General Automobile Club.

  • Alfa Romeo

  • Audi

  • BMW

  • Chevrolet

  • Citroen

  • DS Automobiles

  • Fiat

  • Ford

  • Honda

  • Hyundai

  • Infiniti

  • Jaguar

  • Jeep

  • KIA

  • Land Rover

Ford Fiestas are vulnerable to the hack, more than 95,000 of the vehicles were registered in 2018. Credit: Ford
  • Lexus

  • Mazda

  • Mercedes

  • MINI

  • Mitsubishi

  • Nissan

  • Opel

  • Peugeot

  • Renault

  • Seat

  • Skoda

  • SsangYong

  • Suzuki

  • Subaru

  • Tesla

  • Toyota

  • Volvo

  • Volkswagen

What has the car industry said about the hacking?

Manufacturers including Ford, Hyundai, Kia, Nissan, Volvo, and PSA group which includes Citroen, Peugot and Vauxhall said they take car security seriously and are constantly looking to innovate to improve the security of its vehicles. Volkswagen Group, which owns Audi, Skoda and VW also said it was always looking to improve the security of its cars.

Honda declined to comment when approached by Which?.

Several pointed out that the risk of cars being stolen through Relay Attacks are low; whilst Mercedes and BMW said they had introduced motion sensors to the fobs for their cars, meaning their models cannot be hacked unless the fob is moving at the time it is being used to open a car.

Which cars aren't vulnerable to the hacking?

The only cars that weren't vulnerable to hacking were the newest models of the Land Rover Discovery, Land Rover Range Rover and the Jaguar i-Pace.

Which? says this is because these cars use key-less fobs with ultra-wide-band technology that is more advanced in determining the distance of the fob from the vehicle, meaning the car's unlocking system can't be tricked.