The full extent of the cover-up by car makers who failed to warn drivers of a major security flaw can be revealed today.
As organised gangs use cheap devices to hack electronic entry systems and steal thousands of cars, a Daily Mail investigation has revealed that millions of drivers have been left in the dark for years about the scale of the problem.
Five years ago, Volkswagen – which was at the centre of the 2015 emissions cheating scandal – won a High Court injunction to prevent details of the security flaws being made public. But three years later, researchers found millions of its cars were still at risk.
And BMW has admitted in emails that criminals can hack into cars using tools anyone can buy on the ‘open market’. Police and industry experts last night accused car makers of not doing enough and said motorists needed to be warned of the risks. Today we can reveal how:
Range Rovers were quietly fitted with new technology to prevent keyless car theft last month but its makers didn’t publicise it to avoid acknowledging that older models were at risk (file picture of a Range Rover)
Range Rovers were quietly fitted with new technology to prevent keyless car theft last month but its makers didn’t publicise it to avoid acknowledging that older models were at risk, experts claimed;
Volkswagen suppressed warnings about the new risk of electronic car theft from owners for two years;
An MP said manufacturers should address the security failings as ‘a matter of urgency’, and warn drivers of the risks; ÷ Electric car pioneer Tesla tried to prevent the publication of a video which demonstrated how one of its models could be stolen without a key.
Earlier this week the Mail exposed how gadgets that can be used to steal cars in seconds are being sold online for £100.
BMW has admitted in emails that criminals can hack into cars using tools anyone can buy on the ‘open market’ (file photo of a BMW)
There are two main methods of hacking electronic fobs. The first ‘relays’ a signal from the keys in the owner’s home to the vehicle. This opens the car’s doors and allows criminals to use the button ignition to drive off. The second method involves forcing entry to the car and using a programming device that tells the vehicle’s computer to accept a blank key.
In 2013, researchers at the University of Birmingham discovered a security flaw in Volkswagen models, and VW took out a High Court injunction preventing the findings from being published until 2015.
The team discovered car makers including Audi, Citroën, Fiat, Honda and Volvo, as well as Volkswagen, had models that were vulnerable to ‘keyless theft’.
In 2013, researchers at the University of Birmingham discovered a security flaw in Volkswagen models, and VW took out a High Court injunction preventing the findings from being published until 2015 (file photo of a VW)
In granting the 2013 injunction, Mr Justice Birss said: ‘Volkswagen now know what the problem is. They have a chance to do something about it.’ But in 2016, a second research paper claimed many of the 100 million Volkswagen vehicles sold over the past 20 years were vulnerable and could be hacked using cheap tools. Audi, Seat and Skoda models sold since 1995 were also said to be affected as they share Volkswagen’s keyless system.
Meanwhile, Jaguar Land Rover (JLR) last month rolled out technology which prevents relay attack on its latest Range Rover models – but failed to inform its past or future customers.
Ian Elliott, a former Met Police officer who specialised in organised car crime, said: ‘If (JLR) came out and said, ‘we’ve solved our theft problem’, people will say ‘what theft problem?’ and then you expose that some previous models are easily stolen. JLR could see that the writing was on the wall so they worked with the police. Certain other manufacturers need a kick up the backside.’
Last night West Midlands Police and Crime Commissioner David Jamieson said: ‘The idea that modern cars are more secure than ever is utter nonsense.
‘A lot of manufacturers are saying ‘we’re doing our best, these cars are safer than ever’. That’s not going to wash. Go and tell that to someone who’s had their car stolen.’ Last year Tesla was made aware of a video by stolen vehicle recovery service CanTrack Global, which demonstrated an ethical ‘relay theft’ attack on one of its models. A senior Tesla executive asked the team behind the video not to publish it.
Steve Double, a Tory member of the transport committee, said: ‘If car makers are aware of any vulnerabilities they need to address them as a matter of urgency.’
Some 89,000 vehicles were stolen in England and Wales last year, a rise of 56 per cent on 2016.
Mike Hawes, chief executive of the Society of Motor Manufacturers and Traders (SMMT), said: ‘Recent increases in vehicle crime are concerning and it’s an issue industry takes extremely seriously.
‘It is important to remember, however, that the risk of theft is still very small – less than 0.3 per cent of the roughly 41 million vehicles on our roads today are stolen per year.
‘The latest models feature sophisticated immobilisers, tracking devices and encrypted key codes to prevent cloning and manufacturers are investing billions to try to stay one step ahead of the criminals.
‘However, technology can only do so much, and we continue to call for collective efforts to combat all forms of vehicle theft.
‘Industry supports action that will allow accurate and consistent recording for different methods of vehicle theft, and prevent the sale and use of cloning technologies, signal blocking and other devices that have no legal purpose.’
BMW said it worked constantly to design the best possible security systems. VW said customer safety and security were its ‘highest priorities’, while JLR said it was doing ‘everything it can to combat vehicle crime’. A Home Office spokesman said the department ‘currently have no plans to introduce new regulations’.
A spokeswoman for Tesla said: ‘Relay attacks are not unique to Tesla vehicles. As soon as we saw an increase in these types of attacks in certain regions in 2017, we rolled out a software update to all Tesla vehicles globally, giving our customers the option to safeguard against the attack by turning off passive entry.’
Arthur Preou now has a car with a key
Arthur Preou has vowed to never buy another keyless car after his £60,000 Range Rover Vogue was stolen from his drive overnight.
CCTV shows two men outside his home in Romford, Essex, last October, ‘waving some sort of device’. Another walks towards the front door, but moves out of view of the camera.
Within a few minutes the car’s headlights come on and the thieves get in before driving off. Mr Preou, 75, who owns a heating engineering business, said: ‘I’m blown away by how easy these things are to steal.’
He now drives a 2008 Range Rover – with a standard key.
Jaguar Land Rover said it had a team of experts tackling car crime and there had been a 90 per cent drop in keyless vehicle theft.
Graham Sinclair with another of his BMW’s
A gym owner who fell victim to keyless car crime when his £53,000 BMW was stolen claims the showroom later told him he should have kept the fob in the microwave.
Graham Sinclair’s white 4×4 was taken from his girlfriend’s driveway in Enfield, north London, in October.
After contacting BMW and his insurers, Mr Sinclair, 44, spoke to the showroom in Enfield where he bought the car. He claims he was told the electronic key fobs – which can unlock cars remotely – ‘should be kept in tin foil and put in the microwave’.
In theory, this should stop relay hackers from being able to access the electronic codes contained in the key.
Mr Sinclair said his BMW was stolen silently. ‘I massively regret getting keyless entry,’ he added.
Anyone can buy tools to hack our cars admits BMW
One of the world’s biggest motor manufacturers has admitted keyless cars can be hacked into by criminals using tools that anyone can buy.
BMW has told a customer whose car was stolen from his drive that key fob cloning gadgets which can override its security systems are available for sale on the ‘open market’.
In private emails seen by the Mail, the German car giant said this poses a ‘unique challenge’ for the entire industry, and indicated manufacturers are struggling to stay ahead of increasingly sophisticated car thieves.
Although it stressed its cars are designed with the ‘highest security standards’, it said it has ‘no control’ over the fact ‘thieves are always looking for new ways to steal cars.’
With some police blaming keyless cars for fuelling a car crime ‘epidemic’, BMW insisted it is impossible to warn customers about the ‘many ways a car can be stolen’.
The comments – made in private emails to a customer whose £55,000 BMW was stolen – appear at odds with the industry’s public claims that cars are more secure than ever.
Last night, a Tory member of the Commons transport committee said manufacturers should address any security failings with keyless cars as ‘a matter of urgency’, and should be warning drivers of the risks.
Thieves are able to buy key programming devices on websites such as Amazon and eBay which allow them to clone key fobs. Other devices known as relay boxes extend the signal from a fob inside the owner’s home to unlock the car and start it. A number of cases have emerged of upmarket keyless cars such as Range Rovers, Mercedes and BMWs being hacked into in this way. But police have said affordable cars such as Ford Fiestas are now being targeted more frequently.
Emails sent by BMW’s UK headquarters show it is acutely aware of the problem but believes there is little it can do.
Simon Burnett complained to the company on February 18, after waking up to find his BMW 435 diesel had been stolen from his drive. His key fob was on his bedside table. He reported the crime to police and was told he was unlikely to see the car again.
Mr Burnett, 33, used a BMW phone app to try to locate the car and received a message that the vehicle’s tracking system had been deactivated.
The IT consultant, from Surrey, contacted BMW demanding compensation. He had paid around £500 extra for ‘comfort access’ on his car, which means drivers can open the door by walking up to it with the key fob in their pocket.
In an email on March 15, Laura Bebbington, of BMW UK customer services, said: ‘We and other car makers face a unique challenge due to the fact key-programming equipment is available for sale on the open market.’ She said the ‘sophisticated equipment’ was ‘not available publicly’ previously.
In an earlier email on March 1, she said: ‘Our engineers are constantly developing our security systems to ensure they’re kept to the highest standard. Thieves are always looking for new ways to steal cars, this isn’t something we have control over.’ When Mr Burnett suggested manufacturers warn customers about the potential risk, Miss Bebbington said: ‘There are many ways a car can be stolen. We’re unable to make customers aware of each single way this can be done.’
Michael Stephens, a BMW customer services consultant, told Mr Burnett in an email ‘criminal activity of all kinds is becoming increasingly sophisticated’ and tackling it was ‘a constant battle’. Mr Burnett accused BMW of ‘not being transparent’.
Steve Double MP said: ‘If [car makers] are aware of any vulnerabilities they need to address them as a matter of urgency … if they can’t show it is secure then they should put it on hold until they can provide a more secure system.’
West Midlands crime commissioner David Jamieson said: ‘Car manufacturers are sacrificing security for the sake of convenience.’ A BMW spokesman said: ‘BMW’s specialist security teams work constantly to design and enhance the best possible vehicle security systems. We also work in partnership with police and other authorities in responding to the latest threats and anticipating new ones.’
Mike Hawes, of the Society of Motor Manufacturers and Traders, said: ‘New cars are more secure than ever and the latest technology has helped bring down theft.’