Researchers Target Tesla Model 3 In Spoofing Attack, Get It To Turn Off The Highway

Semi-autonomous vehicles are becoming increasingly common, so it’s a bit alarming that researchers were able to trick a Tesla Model 3 that was using Navigate on Autopilot

According to Regulus Cyber, they purchased a $400 GPS spoofer and a $150 jammer online. They then placed a small spoofing antenna on the roof of the Model 3 to simulate an external attack, while also limiting its effect on other GPS receivers.

As part of the test, researchers traveled on a highway at 59 mph (95 km/h) while using Navigate on Autopilot. The route would take them to a nearby town and require the car to make an autonomous exit.

However, the team transmitted fake satellite coordinates which were picked up by the GPS receiver in the Model 3. This caused the car to think it needed to exit the highway in 500 feet (152.4 meters), when in reality the actual exit was still over a mile away.

As a result, the car rapidly slowed down to 15 mph (24 km/h) and turned onto an emergency turn off instead of the exit. Researchers said the driver had his hands off the steering wheel at the time of the attack and when he regained control of the vehicle, it was “too late to attempt to maneuver back to the highway safely.”

Regulus Cyber says Navigate on Autopilot uses GPS and Google map data to determine what lanes the vehicle should be in and what exits to take. This makes it susceptible to GPS spoofing attacks. In particular, the company says the car was successfully spoofed several times and this caused “extreme deceleration and acceleration, rapid lane changing suggestions, unnecessary signaling, multiple attempts to exit the highway at incorrect locations and extreme driving instability.”

While the spoofing attack was only designed to target the Model 3, researchers said people with more nefarious intentions could buy a high-gain directional antenna which would increase the spoofer’s range to nearly a mile. Adding an amplifier to the mix could extend the spoofer’s range to a “few miles.”

The company also tested a Tesla Model S, but the spoofing did not have any impact on the actual driving. However, the vehicle’s air suspension would change “unexpectedly” as the car was lead to believe it was traveling on surfaces it wasn’t.

Regulus Cyber reached out to Tesla following their Model S test – and before the Model 3 experiment – and was told “Any product or service that uses the public GPS broadcast system can be affected by GPS spoofing, which is why this kind of attack is considered a federal crime.” Tesla went on to say the effects of a spoofing attack would be minimal, but that “hasn’t stopped us from taking steps to introduce safeguards in the future which we believe will make our products more secure against these kinds of attacks.”

Despite these assurances, Regulus Cyber CEO Yonatan Zur said “We have ongoing research regarding this threat as we believe it’s an issue that needs solving. These new semi-autonomous features offered on new cars place drivers at risk and provides us with a dangerous glimpse of our future as passengers in driverless cars.”

H/T to Bloomberg

more photos...
  • robotlogic

    I’m waiting for people to start doing something like that with the Amazon delivery drones. Free stuff just fell from the sky.

  • Dude

    I read the title as “get it to turn off on the highway” and got very confused as to how tf that would be possible. Glad I just can’t read lol

  • brn

    Why did the Model S do so well?

  • Haggy

    The problem is that not only would someone have to follow a car around with a much more powerful transmitter, that would also tell other cars with navigators to tell their drivers to take the next turn instead of the one after it, whoever is doing the spoofing would also have to know that the driver’s car plans to take a specific exit, and that it will be the next task in the list of directions.

    In other words, if my route tells me to take specific streets that vary based on current traffic, get on a freeway at some point, and then get off at exit 25, the spoofer would have to know that the car wants to take exit 25 so it could pick a different exit that happens to be on the same route. If my navigator decided to take exit 24 instead, or skip 25 and go to 26, this wouldn’t work.

    And if the person knows my exact route but I don’t happen to use NOA, it would be a moot point.

    To be clear, it can’t make the car turn off the road at a random point. It would still have to see an exit at that spot. So the worst case would be that the car would take a wrong exit, be out of range of the spoofer, and then put itself back on course.

    There’s no way that a random car could be targeted. And it would screw up so many cars in the area that someone would call the police.

  • Astonman

    They’re going to use this idea on the next Mission Impossible movie;)

  • Enter Ranting

    Huh, hacking into an autonomous system. Who could have seen that coming?

    • Kevin Cagle

      You can thank the Russians for $300 spoofers. In the North Sea they have been using container ships as guinea pigs for years now.

  • DHG2605

    Tis why I will never own/use autonomous tech to drive my car.

    • brn

      I will, just not yet.

14-Year-Old Aussie Crashes Into Lamborghini Urus With A Stolen Subaru

The teenager had a pretty wild night that ended when he drove into the very expensive Italian SUV.

Jaguar I-Pace Becomes Nurburging’s First Electric Race Taxi

You can now experience the electric Jaguar I-Pace as a passenger during a fast Nurburgring lap.

Bentley Starts Production Of The New Flying Spur, First Deliveries Due Early Next Year

The 2020 Flying Spur is assembled by hand in Crewe by a team of almost 200 employees.

Here Are More Pictures Of Aston Martin’s 2020 Vantage Roadster

The 2020 Aston Martin Vantage Roadster was spotted looking fabulous on the Nordschleife.

Tesla Model S Returns To The Nurburgring With Some Wild Aero

One of the Tesla Model S Plaid prototypes features an eye-catching rear diffuser.

Volvo To Reduce Car Lifecycle Carbon Footprint By 40% In The Next Six Years

Volvo is also aiming to become a climate neutral company by the year 2040.

European Markets Will Keep Wagons Alive, Despite Slumping Sales

Data shows that station wagons held a market share of just 11% in Europe last year, compared to 34% for SUVs.

Renault and Waymo Exploring Self-Driving Paris Airport Service

Renault and Waymo are currently exploring the notion of an autonomous mobility service at Charles de Gaulle airport.

New Ram 1500 Classic Warlock Mojave Sand Arrives With A $37,040 Price Tag

The special edition truck costs as much as the Ram 1500 Classic Warlock, on which it is based.

Ford GT’s Racing Program Comes To An End After Petit Le Mans

The GT claimed a total of 19 race wins during its four years in competition, with the most notable being the one at Le Mans.