Logo Cibersecurity made in Europe Logo UE

Real cases

Data since 2012

Casos reales de coches crackeadosDate
A fault in the Tesla app prevents owners from entering their vehicles.Nov 2021Read More
Headline A fault in the Tesla app prevents owners from entering their vehicles.
Year 2021
Month November
Country Several
Description 

Several owners of Tesla vehicles throughout the world reported through networks and forums an error in the company’s mobile application server (500 Server Error), which acts as an electronic key, this left owners without the possibility of access to their vehicles. The extent of those affected is unknown, but the data collected by Downdetector indicates that the incidents began to be recorded around 20:30 (UTC), so the problem would have lasted for 6 hours.

Intentionality Other
Target Vehicle
Company Tesla
Type of company Automotive
Data / Life Data
Access Physical and remote
System Electronic key
Recognized by brand 
Source https://actualidad.rt.com/actualidad/410965-decenas-propietarios-tesla-reportan-poder-abrir-auto-falla-aplicacion
Two Tesla vehicles were stolen in NorwayNov 2021Read More
Headline Two Tesla vehicles were stolen in Norway
Year 2021
Month November
Country Norway
Description 

Norwegian police warned via Twitter about the theft of two Tesla Model S in two different places less than 50 kilometers from each other. In both cases, vehicles were parked in private parking lots while their owners were carrying their keys with keyless technology. Security forces warned about the care that must be taken with keys that use this type of technology, we can avoid this kind of situation by using an inhibitor cover that prevents cybercriminals from accessing the frequency of our keys. Among the measures that Tesla itself is taking, we find keyless system patches or OTA (Over-the-air) updates in the vehicle.

Intentionality Hacker
Target Vehicle
Company Tesla
Model Model S
Type of company Automotive
Data / Life Data
Access Remote
System Keyless system
Reach 2
Recognized by brand No
Source https://hackercar.com/tesla-robos-noruega/
Intel chip failure makes cyberattacks on cars and laptops possibleNov 2021Read More
Headline Intel chip failure makes cyberattacks on cars and laptops possible
Year 2021
Month November
Country United States
Description 

Reseаrchers uncovered а vulnerаbility in Intel Processors thаt could аffect lаptops, cаrs аnd embedded systems in general. The flaw (CVE-2021-014) enаbles to get into testing or debugging modes on multiple Intel processor lines, which could give certain privileges on the system to unauthorized users with physical access. This problem hаs been discovered in the Pentium, Celeron аnd Аtom processors of the Аpollo Lаke, Gemini Lаke аnd Gemini Lаke Refresh plаtforms. Intel rаnks fourth in the chip market, their systems are present in home аppliаnces, smаrt home systems, cаrs or medicаl equipment.

Intentionality Cracker
Target Vehicle
Company Intel
Type of company Computing
Data / Life Data and Life
Access Physical and remote
Recognized by brand No
Source https://blackweb-security.org/intel-chip-flaw-could-enable-attacks-on-laptops-cars-medical-devices/
NHTSA will investigate Tesla collisions for its autonomous driving systemNov 2021Read More
Headline NHTSA will investigate Tesla collisions for its autonomous driving system
Year 2021
Month November
Country United States
Description 

The U.S. National Highway Traffic Safety Administration (NHTSA) is investigating a consumer report about a Tesla Model Y which caused an accident while using the beta of its FSD (Full Self-Driving) software. On November 3, the vehicle owner informed the agency that while turning left on the road, the car went into the adjoining lane, causing a collision with another driver. Earlier this month, Tesla recalled nearly 12,000 American vehicles due to a fault that triggered false collision warnings or automatic emergency brake activation.  All these events have happened after the last update that Tesla’s vehicles received on October 29, 2021.

Intentionality Other
Target Vehicle
Company Tesla
Model Model Y
Type of company Automotive
Data / Life Data
Access Physical and remote
System FSD
Reach 12.000
Recognized by brand 
Source https://www.reuters.com/business/autos-transportation/us-safety-regulator-says-aware-tesla-owner-complaint-self-driving-test-software-2021-11-13/
Toronto Transit Commission receives cyberattack through ransomwareNov 2021Read More
Headline Toronto Transit Commission receives cyberattack through ransomware
Year 2021
Month November
Country Canada
Description 

Two years ago, the Toronto Transit Commission (TTC) received directions from the city council to elabore a cybersecurity plan for its transport network, these strategies should have been ready by the end of 2020, but the organization did not present any. On October 28, 2021, a ransomware provoked the shutdown of the system TTC transit control uses to communicate with its operators, next vehicle arrival information and the TTC’s email network, compromising the personal data of at least 25,000 workers. TTC said that they are still working on their network safety and security.

Intentionality Cracker
Target Vehicle
Company Toronto Transit Commission
Type of company Government
Data / Life Data and Life
Access Remote
Recognized by brand 
Source https://www.thestar.com/news/gta/2021/11/14/ttc-failed-to-file-cyber-security-report-raising-questions-about-its-ability-to-defend-itself-against-hackers.html
McLaren Racing team, the victim of a cyberattackNov 2021Read More
Headline McLaren Racing team, the victim of a cyberattack
Year 2021
Month November
Country United Kingdom
Description 

McLaren was the subject of a cyberattack last year aimed at various employees via email. Those responsible gained confidential information, although the company was well aware of these risks. The cybercriminals were posing as a supplier of the brand and since last year, they have accumulated about 34,600 malicious emails per week. The problem is not only the emails but mobile networks which they use during the race, sending constantly information about it and everything that happens with the vehicle.

Intentionality Cracker
Target Vehicle
Company McLaren Racing
Type of company Race team
Data / Life Data and Life
Access Remote
Recognized by brand 
Source https://www.thesun.co.uk/sport/16648856/mclaren-cyber-attack-mexican-gp/
They filter information to access logistics, transport, shipping companies…Nov 2021Read More
Headline They filter information to access logistics, transport, shipping companies…
Year 2021
Month November
Country Several
Description 

Cybercriminals are selling access, like credentials, to different shipping and logistic companies that handle large quantities of supplies by land, sea, and air. This could provoke various flaws in the supply chain, from delays or stock unavailable to redirecting shipments by changing logistic details or causing disruptions via ransomware. In recent years there have been registered attacks on US or Bangladesh companies via remote access, it is as simple as an employee with administrator privileges clicking on a poisoned attachment.

Intentionality Cracker
Target Vehicle
Type of company Logistic
Data / Life Data
Access Remote
Recognized by brand No
Source https://securityboulevard.com/2021/11/supply-chain-at-risk-brokers-sell-access-to-shipping-logistics-companies/
A fault in the Pod Point chargers for electric cars puts the data of its users at riskNov 2021Read More
Headline A fault in the Pod Point chargers for electric cars puts the data of its users at risk
Year 2021
Month November
Country United Kingdom
Description 

More than 140,000 users of the Pod Point electric car charging app could have had their data put at risk by a security vulnerability. Among the data exposed by the flaw included the full names, home addresses, or the car-charging history of Pod Point, allowing cybercriminals to easily locate the users and their vehicles. These vulnerabilities were already noticed in March 2021, but it was not until September of the same year when the company began to take measures, ensuring that the data of its users is safe.

Intentionality Hacker
Target Vehicle
Company Pod Point
Type of company Energy
Data / Life Data and Life
Access Physical and remote
Recognized by brand No
Source https://www.which.co.uk/news/2021/11/pod-point-electric-car-chargers-security-flaw-may-have-put-140000-app-users-data-at-risk/
US Institute develops an intrusion detection system for military vehiclesNov 2021Read More
Headline US Institute develops an intrusion detection system for military vehicles
Year 2021
Month November
Country United States
Description 

Southwest Research Institute (SwRI) in Texas has developed a new intrusion detection system (IDS) to protect military ground vehicles from cyberattacks. Elaborated along with the US Army Ground Vehicle Systems Center (GVSC), this new detection system utilizes different algorithms and digital fingerprints to detect any anomalies in ground communications. These algorithms transmit information through the Controller Area Network (CAN) protocol, which allows the army to identify unknown or invalid nodes connected to the vehicle network. Although IDS technology was thought to be designed for military vehicles, the institute said it could also be integrated into passenger and commercial vehicles.

Intentionality Hacker
Target Vehicle
Company Ejército de Estados Unidos
Type of company Gobierno
Data / Life Data and Life
Access Remote
System IDS
Recognized by brand 
Source https://www.thedefensepost.com/2021/11/03/us-army-vehicles-cybersecurity/



Este sitio web utiliza cookies para que usted tenga la mejor experiencia de usuario. Si continúa navegando está dando su consentimiento para la aceptación de las mencionadas cookies y la aceptación de nuestra política de cookies, pinche el enlace para mayor información.plugin cookies

ACEPTAR
Aviso de cookies