BMWs stolen after security system is hacked into

It seems that the car theft technique used in the movie Gone in 60 Seconds, starring Angelina Jolie and Nicholas Cage, has become a reality. BMWs are being stolen by thieves hacking into the security system.

Thieves in the Midlands are stealing expensive BMWs by using computer software to reprogramme the car’s engine management system so that they can start the car using a dummy key fob.

To do this they have to smash the car’s window so that they can plug in the reprogramming device, which is actually designed to help garages carry out diagnostics and repair work. Then they simply wait a couple of minutes while the car is altered to recognise their key.

According to some industry sources, this problem has arisen because it’s possible for anyone to buy the reprogramming gadget for as little as £70 online.

So, even though car theft is going down overall, more BMWs have been stolen so far this year in the West Midlands than in the previous year (314 thefts compared to 258).

The insecurities of high-tech car security

This raises the question – if carmakers are making their cars ever more sophisticated in all sorts of ways, why aren’t they able to stop them from being stolen?

It seems that every time manufacturers bring out new security technology they think will make their cars harder to pinch, but criminals simply take a bit of time to work out a way round it. And that seems to have been true for many years.

So is there a case for ditching all the high-tech kit, such as start-stop ignition buttons that only require the car’s key to be in the vicinity to allow the car to start? Perhaps we should go back to old fashioned ignition systems where the steering can be locked when the car is parked. At least with these, the car is immobilised when the key isn’t in the ignition and no electronic gadgetry can be used to unlock them.

And do we really need keys that will recognise our car as we walk towards it and unlock the doors? Or keys that allow us to wave our foot under the back of the car to open the boot?

As a parent who’s frequently loaded up like a pack horse with school and shopping bags, I can see the benefit, but not if it means a thief will be able to pinch my car more easily.

Comments

Derek says:

26 October 2014

about the OBD socket. This is the method in how to clone you fob key if you lose you fob BMW plug a gadget in to clone the fob codes then copy to a new fob. The problem is the OBD Is alive even when the fob is taken out of the ignition socket that with a poor alarm system that does not cover the area where the OBD socket is situated well it spells trouble and has for hundreds if not thousands of BMW owners and this is not on. I told BMW this in 2009 when I bought my x5 there was a security problem may as well talked to a brick wall. And yes they did put a security patch to cover theOBD seen around it in 25 minutes to crack. The OBD needs to be moved say under the bonnet or kill the electric supply to the OBD so if the thief breaks window and plugs his/her gadget in to clone the fob codes it will not work as you need electric for this process to complete BMW after sale is a disgrace 4 years this has been going on and no answers yet well I have just giving you one BMW!

dieseltaylor says:

19 February 2015

http://www.darkreading.com/mobile/bmws-software-security-patch-a-sign-of-things-to-come/d/d-id/1318933?

Comment on BMW currently doing security upgrades over the air and the possible problems.

My own view is as we know pretty much everything is hackable or compromised the idea that broadcasting changes through the ether seems even stupider as it could affect tens of thousands at once.

Also if there is a foul-up – and we all know of upgrades put out by the likes of Microsoft and Apple -. that have unintended side effects at some future date there may be a hack/error that will immobilise thousands of cars.

If this sounds a tad Luddite I would point out that BMW are doing this because it potentially saves them tens of millions in not having to call back cars to a garage [BMW pay the garage] to sort out software deficiencies.

Security, as in preventing cars being stolen or turned into lumps of metal with inoperative parts, is hugely important. I always believe in having very good security preferably a physical and a software lock, and always if changes are made to them being gradually rolled out to avoid things being “bricked”. Given we are talking software probably the “bricked” remains a correct description of no longer functioning software dependent appliances.