Cars that allow owners to simply press a button on a remote control to start up their vehicles have become increasingly tempting targets for car thieves. The incidence of keyless car thefts has risen as criminals simply buy handheld electronic devices online that can reprogram access to luxury vehicles such as Range Rovers.
The security risk has grown to the point where insurance companies have begun refusing coverage to drivers in London who own keyless vehicles but don’t stash their expensive rides in underground parking lots or other secure locations, says an article in The Guardian. Car thieves have made plying their illicit trade much easier by simply bypassing the security of the keyless ignition systems with devices that are normally used by legitimate auto workshops for vehicle maintenance. The criminals have equipped themselves with these master keys by purchasing them on eBay.
“The criminal act of stealing vehicles through the re-programming of remote-entry keys is an ongoing industry-wide problem,” said Jaguar Land Rover in a statement.
Jaguar Land Rover also cited a number of vehicles vulnerable to such theft, including the Ford Fiesta and Focus, Range Rover Evoque, Ford Transit and Mercedes Sprinter.
The Society of Motor Manufacturers and Traders (SMMT), a UK-based motor industry association, has pushed for new laws to address the problem, according to BBC News. SMMT wants to strengthen the regulations surrounding the use of such equipment and increase the punishments relating to equipment misuse.
Car manufacturers currently provide open access to the necessary technical information so that independent auto repair shops can service the after-market for such keyless ignition vehicles. Criminals have been able to exploit that fact by obtaining the usual maintenance equipment for their own purposes.
Vehicle thefts have fallen in the UK over the past decade, which mirrors a similar trend in the U.S. But the spate of luxury vehicle thefts in the UK may partly reflect how easily keyless ignition vehicles can be compromised with readily-available electronic equipment.
It should come as no surprise that modern cars dependent upon electronics could be vulnerable to such security risks. In 2011, Swiss researchers showed how they wirelessly hacked such keyless ignition systems—also called smart keys—for a number of vehicles. More recently, U.S. researchers surveyed the vulnerabilities of a new generation of “smart cars” that cellular and bluetooth communications, car apps, and “cyberphysical features” related to the car being able to perform actions such as autonomous braking.
Jeremy Hsu has been working as a science and technology journalist in New York City since 2008. He has written on subjects as diverse as supercomputing and wearable electronics for IEEE Spectrum. When he’s not trying to wrap his head around the latest quantum computing news for Spectrum, he also contributes to a variety of publications such as Scientific American, Discover, Popular Science, and others. He is a graduate of New York University’s Science, Health & Environmental Reporting Program.