EVs are just as much about the software as they are about the hardware with electric motors and batteries.Ā Some may even call EVs computers on wheels, which like computers can also get hacked.
This has just been proven by a group that hacked their way into a Tesla Model 3 at a competition run by Trend Micro and global security firm Pwn2Own in Vancouver Canada.Ā
The goal is to allow companies like Tesla, with software-orientated products to be matched with contestants that gather at Pwn2Own, to showcase their skills and uncover vulnerabilities in these products.
This year the competition – with a prize of a new Tesla Model 3 and $A150,000 in prize money – was won by a group calledĀ Synacktiv from France that hacked its way into a Tesla Model 3 using TOCTOU (Time-Of-Check Time-Of-Use) exploit technique. Their success was shared by The Zero Day Initiative on Twitter.
Synacktiv describes itself as an āOffensive security companyā and were also quite transparent about the hack, sharing the journey on Twitter as well.Ā After successfully winning the competition, the team shared high-level details of their hack.
After successfully winning the competition, the team shared high-level details of their hack.
Tesla was the target of the competition this year because, according to the organisers: Ā āTesla almost single-handedly invented the connected car industry. It knows more than most whatās required to keep one step ahead of the competition and the cybercrime community: rigorous testing and continuous probing for software bugs.
“We must remember, after all, that a car isnāt just a car anymore. Itās a complex system of IT components and dynamic systems that presents an increasingly attractive attack surface for threat actors.ā
Tesla will use the learnings from this hack by cybersecurity experts and researchers at the competition to further improve its software from any vulnerabilities.Ā
That would give more confidence to those sitting on fence about making the switch to a safer electric car.




