Tag Archives: Land Rover

Gadget Man – Episode 124 – Keyless Car Theft Explained and How to Stop it

How many of us own and drive a vehicle with a keyless entry system? Well, it appears that many thousands of us that do have woken up this morning to a very worrying report from the General German Automobile Club (ADAC),

In order to unlock your keyless entry vehicle, you simply need to carry your key-fob. As you approach the vehicle, it recognises the encrypted signal transmitted from the fob. This, in turn, instructs the vehicles central-locking system to unlock the doors when you either touch the door handle or press the button on the door-handle. There is no requirement to insert the key into the ignition as the car is fitted with a start/stop button. If you own a car with both keyless entry and start/stop system, you aren’t alone, they are now widely used in hundreds of models or cars and in some cases motorbikes.

Now for the bad news. A recent study by the General German Automobile Club (ADAC) has discovered that the technology is far from secure in all but THREE cases and in fact the method of stealing a keyless vehicle is extremely simple.

In order to steal a keyless vehicle, a thief simply employs a rudimentary transceiver which takes the relatively weak signal transmitted and received from the fob to the car and amplifies it, it is then possible for the signal to reach from the fob to the car and hey presto, the car is unlocked and can (in most cases) be started.

[videopress VxMJuooi]

Once the car is running, the need for a key is obsoleted and the car can now be driven until it is depleted of fuel. In most cases, the cars are taken abroad and the retrofitted with standard locking and start systems. As long as the car does not stall, it will run for as long as the fuel tank will take it.

NO AMOUNT of hacking or decryption is needed, it is reliant solely on the amplification of the already transmitted signal!

Arnulf Thiemel, car-technician at the ADAC.
Arnulf Thiemel, car-technician at the ADAC. Image Credit: ADAC

Arnulf Thiemel, car-technician at the ADAC, said “The ADAC demands that vehicles be protected against any kind of manipulation and illegal access. For the affected vehicles, there must be solutions put in place to improve the security.  All new  vehicles should also be equipped with a methodologically that ensures secure safety solutions which also withstands neutral side checks”

Which cars and manufacturers were affected?

Unfortunately, it would appear that EVERY manufacturer tested has at least one model which could be stolen using the method above.

Alfa Romeo, Audi, BMW, Chevrolet, Citroen, DS Automobiles, Fiat, Ford, Honda, Hyundai, Infiniti, Jaguar, Jeep, KIA, Land Rover, Lexus, Mazda, Mercedes, MINI, Mitsubishi, Nissan, Opel, Peugeot, Renault, Seat, Skoda, SsangYong, Suzuki, Subaru, Tesla, Toyota, Volvo, Volkswagen and motorcycles from BMW, Ducati and KTM. 

The following vehicles could NOT be opened using this method but if already open it was STILL POSSIBLE to start and drive the cars.

BMW i3 (2014)
Infiniti Q30 (2016)
Mazda 2 Skyactive 90 Kizohu (2018)
Volvo XC60 T5 (2017)

The following vehicles could NOT be opened or started using this method.

Jaguar i-Pace (2018)
Land Rover Discovery (2018)
Land Rover Range Rover (2018)

The vehicles above are currently immune from this method of attack. This is because they employ a variation of the keyless system by broadcasting using ultra-wideband frequencies. Basically, the equipment used to amplify the signal is ‘currently’ unable transmit or receive at the radio frequencies used in these models of cars.

Jaguar-Land Rover filed the patent for this method of keyless access in 2017. We can now only hope that they freely license these patents to other car makers or a comparable technology can be developed.

What Now?

All too often our deep-rooted human needs to be ‘waited upon’ result in solutions which in the first instance appear to solve a problem that really didn’t exist, but in real-world use turn out to have a sting in the tail. In the case of the study by ADAC, it would appear that there are very urgent questions to answer and drivers should be aware of the security issues surrounding their vehicles.

Faraday Cases?

Prior to speaking to BBC Radio Suffolk, many listeners talked about using Faraday Cases or Bags to house their keys. The theory behind this was to block the signal completely whilst the car isn’t in use (ie. whilst the keys were stored in the home or place of work).

Faraday Bag for Keyless Fobs from Amazon

I personally believe that keeping the keys away from the car or placing them in a container which COMPLETELY blocks radio signals is the only way to avoid the potential theft of vehicles using this method. However, radio signals can travel through types of metal, so be ABSOLUTELY confident that anything you purchase to secure your fobs, does indeed work as described.

Immediate Steps to Take

If you are concerned about the security of your keyless car fob, contact your car’s manufacturer as soon as possible and ask them what steps they have taken to secure your car? Ask them if there are software updates to improve security? Ask them if these systems can be deactivated until such time as they can be completely secure?

Listen in!

This morning I spoke to Mark Murphy on BBC Radio Suffolk about the use of Faraday Cage technology to try and reduce the chances of Keyless entry cars being stolen. Listen in to the stream above. If you like what you hear or read, don’t forget to LIKE, SHARE and SUBSCRIBE. See you next time!

Matt
The Gadget Man

I previously spoke about this topic a while back, you can read and listen at this link Gadget Man – Episode 113