New ratings point to keyless cars that can stand up to relay attacks

Do you dislike the idea of standing in an empty driveway that should be occupied by your car, obediently waiting to unlock after you chirp-chirp your keyfob at it?

If so, you might want to take a gander at the security ratings for new cars put out by Thatcham Research, a nonprofit insurer research center in the UK.

Thatcham rated 11 cars that were launched so far in 2019 and plans to continue to assess new cars for security. It rated six of those 11 cars as being poor for security.

Specifically, it’s looking at those wireless keys: matchbox-sized fobs that have proven woefully susceptible to what’s known as relay attacks.

That’s when thieves use two relay devices that are capable of receiving, and extending, wireless signals from the car through walls, doors and windows, to reach the fob inside a car owner’s house. The relay devices are cheap to pick up online.

Standing next to the car, they just have to scan for signals transmitted by the wireless keys and then amplify them to open the cars, hop in and drive off.

Is your car a wireless sitting duck?

Thatcham got good results from the Audi E-tron, Jaguar XE, Range Rover Evoque and Mercedes-Benz B-Class: cars with wireless fobs that resist the attacks by either using more secure wireless technology or by going to sleep when they haven’t been used for a set time.

Thatcham Research chief technical officer Richard Billyeald told WhatCar? that Thatcham focused on relay attacks because they’re so good at blowing past whatever car manufacturers have done to boost security:

We’re focusing on keyless theft in particular because it gives thieves the ability to bypass 20 years of security improvements in a matter of seconds.

Precisely, that would be about 60 to 90 seconds, as we’ve seen in recent car thefts.

From zero to “poof!” in 60-90 seconds

CCTV footage of a relay attack captured in the UK in December 2017 shows one of the thieves standing near the victim’s property, waving a relay device until he gets a signal from a key fob inside the house or garage. The other thief stood near the car with his own relay box, which receives the signal from the relay box near the property. The car sniffs the unlock-me signal that’s close by, and it obligingly unlocks the door.

That one took about 60 seconds. This past November, the rip-off of a Volvo from a London couple took around 90 seconds, as we know from the CCTV footage captured after the poor people had a camera installed… which they did following the same exact thing happening to the same type of car a year before.

Not everybody’s a fan of the ratings

WhatCar? reports that the Society of Motor Manufacturers and Traders (SMMT) isn’t a big fan of Thatcham’s new ratings. It quoted CEO Mike Hawes, who seems to think that security via obscurity is a better approach:

It confuses rather than simplifies a very complex issue and will not help consumers, rather offering a signpost to thieves and increasing the risk of targeted criminal activity.

Hawes defended the auto industry’s work on this:

New cars are more secure than ever, and the latest technology has helped bring down theft dramatically with, on average, less than 0.3% of the cars on our roads stolen.

Criminals will always look for new ways to steal cars; it’s an ongoing battle and why manufacturers continue to invest billions in ever more sophisticated security features.

That’s good to hear. Still, if it were me staring at the empty driveway where I left my second new Volvo the night before, I’d be quite interested in hearing which car brands have come up with ways to thwart relay attacks.