June 07. 2018 6:44PM

Why you should keep your car keys in a metal coffee can

By PHOEBE WALL HOWARD
Detroit Free Press


The dashboard of the software-updated Tesla Model S P90D shows the icons enabling Tesla's autopilot, featuring limited hands-free steering. Car-hacking is a threat that could become serious in the future, when driverless vehicles begin talking to one another. (CHRIS WALKER/CHICAGO TRIBUNE/TNS)

Top cybersecurity experts would never hang car keys on a hook near the back door or leave them sitting on a kitchen counter. The best strategy to prevent theft? Store the key fob in an old-fashioned metal coffee can.

“Really, some cyber experts don't go to sleep without putting their key into a metal container,” said Moshe Shlisel, a veteran of the Israeli Air Force and now CEO of GuardKnox Cyber Technologies. “It's called a Faraday Cage. You block the electromagnetic field.”

Copying code from vehicle key fobs is easy. Tech thieves can do it from outside your home or a motel. Then they can steal a vehicle or just gain access without owners realizing they've been violated.

Cybersecurity companies, including the team at GuardKnox, are working with the Detroit Three and automakers globally to create protections that deter hackers who covet new cars and the data stored in them.

Within the past 90 days, GuardKnox has been granted three U.S. patents including a “Communication Lockdown Methodology” that prevents attackers from entering a vehicle's ecosystem. The patent covers trucks, buses, ships, planes, drones and even spaceships. The methodology has been implemented in fighter jets and missile defense systems.

“Vulnerability is everywhere. The fob is a symptom,” Shlisel said in a phone interview from his office just south of Tel Aviv. “You're exposed to many attack vectors. Remember your computer 20 years ago? There weren't firewalls. What happens if someone takes control of your car while you're on the highway with two kids inside and you can't do anything? You're doomed. And that can be done today.”

This is not sci-fi. This is real life. This is the reality of a wireless, connected world where car doors lock with a click and a chirp, where children in the backseat stream videos, where back-up cameras make parking easy.

"Connectivity introduces cyber risk," said Faye Francy, executive director of the non-profit Automotive Information Sharing and Analysis Center, which specializes in cybersecurity strategies.

While auto industry engineers know a lot about traditional safety, quality, compliance and reliability challenges, cyber is an “adaptive adversary,” she said.

“It's an ever-changing, emerging threat that requires diligence in every aspect of design through operations — it's not a simple engineering fix," Francy said. “And as we move into smart cities and autonomy, the interconnectedness provides greater efficiencies and safety but also introduces potential risk into the broader global ecosystem.”

Remember the heavy steel devices — some called them Kryptonite Clubs — that drivers attached to their steering wheels back in the 1980s and '90s? Well, now industry must find this on their networks to protect against hackers.

"Today we're in an interconnected society, from our computer to our phones to our cars to our homes. We need Kryptonite bars on the network," Francy said.

"Automakers are starting to implement security features in every stage of design and manufacturing. This includes the key fob,” s he said.

“Cybersecurity diligence is the cost of doing business in the digital age today."