Tesla's 'Safest' Car is Easily Hackable

Tesla's Model S sedan gives the car company some serious bragging rights, but a simple hack may put drivers at risk.

A security expert and Tesla owner revealed that the "safest" car on U.S. roads is vulnerable to hackers. (Image via Tesla)

Consumer Reports awarded the Tesla Model S its highest ranking since 2007 -- 99 out of 100 points. And the 2014 version earned top honors from National Highway Traffic Safety Administration, more than 5 stars, putting the Model S in the top 1 percent of vehicles ever tested by the NHTSA.

But a security expert recently demonstrated that a simple hack can open the car owner up to plenty of safety concerns.

Nitesh Dhanjani, who owns an Tesla Model S, revealed his findings during a presentation at the Black Hat Asia security conference in Singapore. He found multiple design flaws in its security system, allowing hackers to unlock the vehicle and steal data in the system through an online command to the car if they can crack the password.

"We cannot be protecting our cars in the way we protected our [computer] workstations, and failed," Dhanjani said, according to Reuters.

The car is initially pricey, starting at $69,000. But the electric motor gets 200 miles per charge; an equivalent fuel cost efficiency of 84 miles per gallon, or buying gas at $1.20 per gallon. (Image via Tesla)

The Model S can only be driven when the key fob is present. And when a customer places an order for a new Model S, the owner is required to set up an account with a six-character password. Owners can then access their account through an Android or iOS app to perform minor tasks and check the vehicle’s status. But this remote accessibility makes the entire system vulnerable to hackers.

According to Value Walk, Dhanjani said the vehicle password can be hacked through the same methods used to gain access to any other online account. Attackers can eventually guess the password through Tesla Motors website, which doesn’t restrict the number of incorrect login attempts. Hackers can also gain access to the password from the Model S owner’s computer using password-stealing viruses.

Dhanjani said it’s a serious issue when a $100,000 car relies on a six-character password, and that he has communicated his findings with Tesla.

If the price tag doesn't affect the purchase matrix, the hackability may gives some buyers pause. But the impressive fuel stats -- the electric motor gets 200 miles per charge; an equivalent fuel cost efficiency of 84 miles per gallon, or buying gas at $1.20 per gallon car's other kudos -- or the safety ratings (it's the sedan that beat out all SUVs and minivans in safety) may keep consumers lined up, happy to trust that Tesla will shore up vulnerabilities soon.

Check out the NHSTA safety test video of the Model S below.

(H/T: Gizmodo)

—

Follow Elizabeth Kreft (@elizabethakreft) on Twitter