A growing number of new cars use a keyless ignition. As long as drivers have possession of a key fob, the car starts with the push of a button.
As we reported a couple of years ago, that’s been a helpful tool for car thieves. Many hackers find that it’s not so hard to hack into that key fob, unlock doors, and start the engine while the owner has the key fob in his or her possession, blissfully unaware.
Holly Hubert, a retired FBI agent who now heads the cybersecurity firm GlobalSecurityIQ, has a tip for car owners – wrap those key fobs in aluminum foil when the car isn’t in use.
Hubert says a car’s system is always waiting for the signal from the key fob to spring into action. The signal is purposely weak so that the key must be inside the vehicle to start it, and right next to it to unlock the doors and trunk.
Amplifying the key fob signal
But over the years, thieves have gotten clever. Hubert says it is easy to purchase a device that will amplify the signal from a key fob. The key can be inside the house and the amplifier can be used to start the vehicle. It can also be used to copy the system’s code.
In 2016, the National Insurance Crime Bureau (NICB), an insurance industry group, reported a 22 percent jump in car thefts in which the thief had access to the ignition key. At the same time, AAA reported cars with key fobs were responsible for a growing percentage of roadside assistance calls it handles.
Hubert says covering the key fob with aluminum when not in use will prevent thieves from getting access to it electronically. While a piece of aluminum wrap is the cheapest way to do it, Hubert says there is a commercially-available product called a Faraday bag. It’s like a plastic baggie, only made of foil. A key fob can be dropped inside it when the car is not in use.
Carmakers beginning to take notice
The hacking of key fobs is an issue that carmakers are beginning to address, since most modern vehicles are controlled by computer systems that are subject to hacking.
Three years ago, a hacker took control of a Jeep while it was being driven as an experiment for a technology publication. The incident was the trigger for a recall of 1.4 million Jeeps.
Hubert shares consumers’ frustration. She says the threat from cyber attackers is changing so fast that it’s hard for both carmakers and consumers to keep up.