Security technology created to protect luxury vehicles may now make it easier for tech-savy thieves to drive away with them.
In April, high-tech criminals made international headlines when they used a laptop and transmitter to open the locks and start the ignition of an armor-plated BMW X5 belonging to soccer player David Beckham, the second X5 stolen from him using this technology within six months.
Two of British soccer star David Beckham's BMW X5s were stolen by thieves who hacked into the codes for the vehicles' RFID chips.
The most recent theft occurred while Beckham and his two sons were eating at a restaurant in suburban Madrid. Spanish police suspected a Bulgarian gang of car thieves that specialize in stealing luxury cars. At the time of publication, no suspects had yet been apprehended.
This highly publicized theft was not the first indication that keyless systems were vulnerable to wireless break-ins. Back in 2004, when keyless technology was still new and touted as unbreakable and secure, Dr. Aviel D. Rubin, a professor of computer science at Johns Hopkins University, along with several of his graduate students examined this possibility. Within three months they had successfully cracked the code embedded within the ignition keys of newer model cars, theoretically allowing them to steal the autos.
Using a laptop computer, an antenna and specifically designed software, Rubin and his team extracted a code that transmits from a small Radio Frequency Identification (RFID) chip inside the key. From there the team tested more than one trillion possible encryption answers.
"It was a trial-and-error process," Rubin said. "We wanted to see if it could be broken and found out that it could. We were surprised."
Realizing the ramifications of their discovery, Rubin and his team presented their findings to Texas Instruments — the makers of the chip — and automaker representatives and posted their research paper online. On the site, the team does not reveal the specifics of how they broke the code, so as to not enable criminals to harness the technology.
Texas Instruments’ reaction was one of surprise, Rubin said. The chip manufacturer was skeptical at first, but once the engineers received an in-person demonstration, they relented that the technology could be broken. Unfortunately, there wasn't much that TI, the world’s largest integrated maker of RFID tags, smart labels and reader systems, could do about it. A recall would be nearly impossible and very expensive.
Bill Allen, director of business development for Texas Instruments' RFID division, did not dispute what the Johns Hopkins team did, but said it is "a complex thing and not something that can be done easily."
He said that researchers were working on staying one step ahead of criminals. Texas Instruments, he said, had already introduced 128-bit encrypted RFID tags to make it harder for thieves and hackers to manipulate the system.
"In practicality, consumers are as safe today as they were yesterday," Allen said.
Kevin P. McHugh, president of the International Association of Auto Theft Investigators, said RFID thefts "are known and growing" in Europe, especially with expensive cars. However, because the method used to steal a car isn’t noted in police reports, the specific number of how many cars had been stolen using laptops is unknown.
Yet these recent thefts may be no cause for alarm in America. The number of reported car thefts in the U.S. has declined; in 2004 there were more than 1.2 million cars stolen in the U.S., down 1.9 percent from 2003, according to the Department of Justice.
"It is getting harder for the amateur to steal cars," McHugh said. "The professional thief with high-tech experience who wants your car for reason ‘x’ is going to come up with a way to get it, and these days that often involves using technology."
RFID chips are used in everything from supermarket scanners to credit cards. Of the hundreds of millions of RFID ignition keys in use in the United States, most operate with a 40-bit frequency that broadcasts their number through the air. In order for thieves to get access to the numbers, they first must get within several inches of the key with a receiver.
From there, the signal can be downloaded onto a computer, processed and broken in about 15 minutes. The thieves can then feed the signal to the car and successfully hotwire the vehicle.
Nick Twork, a technology spokesman for Ford Motor Company, said that while no technology is foolproof, RFID has contributed to a drop in thefts over the last several years.
"We are always coming up with new ways to make it harder for people to steal cars," Twork said. "And if a car is stolen, we are making it easier to recover."
Twork said that Ford is also working on next-generation antitheft measures but declined to elaborate when asked for specifics.
Loretta Worters, a spokeswoman for the Insurance Information Institute, said that insurance companies are inclined to offer reduced rates to consumers who drive cars equipped with antitheft devices like RFID, alarm systems and safety devices like airbags.
"We feel that anything that can help reduce the number of thefts is a good thing," Worters said. "It benefits the owner of the vehicle and the insurance companies."
She added that RFID thefts "are not a big problem in the [insurance] industry.”
With millions of these tags in circulation, Rubin says there is not a lot drivers can do to protect themselves. "You can wrap [your keys] in tinfoil, but that's not very practical," he said. "It is best to wait until the second-generation tags come out."