Nissan Leaf hack: the facts
Some of the features of the Nissan Leaf could be hacked, according to an expert. Here’s what you need to know
A cybersecurity expert has found a way to remotely control a Nissan Leaf – the world’s most popular electric vehicle. The vulnerability, discovered by Troy Hunt, allows anyone access to the air-conditioning and heating systems of the car and even gives access to its journey history. However, unlike other recent car hacks, this will not allow the Leaf to be driven remotely.
According to Hunt, the hack was carried out through Nissan’s ‘Connect EV’ app and allowed him to take control of others’ Leafs from the other side of the world.
How does it work?
Like many other electric vehicles, the Nissan Leaf uses an app to display your driving habits, battery charge level and general eco-friendliness – but it also allows for ‘pre-conditioning’. Simply put, this means you can control elements of the car remotely while it’s charging. For example, you can warm up the interior while the car’s still charging, saving precious battery life for driving.
Worryingly, Hunt says he gained access to these functions through the Nissan app using only the VIN (Vehicle Identification Number) from a Leaf. “It’s not that they have done authorisation [on the app] badly, they just haven’t done it at all, which is bizarre,” Hunt told the BBC.
The first few characters of a car’s VIN refer to the brand, model and country of origin, so only the last few numbers set each Leaf apart. “Normally, it’s only the last five digits that differ,” Hunt told the BBC. “There’s nothing to stop someone from scripting a process that goes through every 100,000 possible cars and tries to turn the air-conditioning on in every one.”
In a video, Troy Hunt is shown remotely controlling his friend’s UK-based Leaf using his laptop over the internet. The owner, Scott Helme, also a cybersecurity expert, told the BBC: “The heated seat then turned on, the heated steering wheel turned on. And I could hear the fans spin up and the air-conditioning unit turn on.”
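For readers who build connected services, here is an added illustration in Python of the missing check described above; it is not Nissan’s code and does not come from Hunt’s write-up. It contrasts a handler that trusts a VIN on its own with one that requires a logged-in account paired with that VIN and stops answering an account that keeps naming other people’s cars. The function names, account names, sample VINs, status codes and lockout threshold are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # signs session tokens
# Constructed sample data: which account has paired which vehicle.
PAIRINGS = {"alice": {"EXAMPLEVIN0000001"}, "bob": {"EXAMPLEVIN0000002"}}
MAX_DENIALS = 3                        # hypothetical lockout threshold
denied = {}                            # account -> VINs it was refused for


def _mac(user):
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()


def issue_session(user):
    """Token handed to the app after a successful login (login not modelled)."""
    return f"{user}.{_mac(user)}"


def authenticate(token):
    """Return the account name for a valid token, else None."""
    user, _, mac = (token or "").rpartition(".")
    ok = hmac.compare_digest(mac.encode(), _mac(user).encode())
    return user if user and ok else None


def climate_by_vin_only(vin, action):
    """Flawed design from the article: knowing a VIN is enough."""
    return {"status": 200, "vin": vin, "action": action}


def climate_authorized(token, vin, action):
    """Hardened design: the caller must own the VIN it names."""
    user = authenticate(token)
    if user is None:
        return {"status": 401}                      # not logged in
    if len(denied.get(user, ())) >= MAX_DENIALS:
        return {"status": 429}                      # looks like VIN guessing
    if vin not in PAIRINGS.get(user, set()):
        denied.setdefault(user, set()).add(vin)     # remember the miss
        return {"status": 403}                      # someone else's car
    return {"status": 200, "vin": vin, "action": action}
```

The VIN stays in the request as an identifier, but it no longer works as a password: the server decides from the session who is asking and whether that account is paired with the car.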
What cars are affected?
Nissan says all versions of the Nissan Leaf and the Nissan e-NV200 would have been affected, but the service has temporarily been taken offline.
What has Nissan said?
Nissan told us: “The NissanConnect EV app (formerly called CarWings and used for the Nissan LEAF and e-NV200) is currently unavailable. This follows information from an independent IT consultant and subsequent internal Nissan investigation that found the dedicated server for the app had an issue that enabled the temperature control and other telematics functions to be accessible via a non-secure route.
“No other critical driving elements of the Nissan LEAF or e-NV200 are affected and our 200,000-plus Leaf and e-NV200 drivers across the world can continue to use their cars safely and with total confidence. The only functions that are affected are those controlled via the mobile phone – all of which are still available to be used manually, as with any standard vehicle.
“We apologise for the disappointment caused to our Nissan LEAF and e-NV200 customers who have enjoyed the benefits of our mobile apps. However, the quality and seamless operation of our products is paramount. We’re looking forward to launching updated versions of our apps very soon.”
Is it dangerous?
Not particularly. Troy Hunt says he gave Nissan a month to fix the issue and today the company has deactivated the Connect EV service – but it didn’t represent an immediate risk. In a worst-case scenario, hackers would be able to access a car’s air-conditioning system and make the interior either very warm or very cold, potentially running down the battery in the process. What’s more, the hack doesn’t work when the car is in motion.
As Hunt says: “It’s much like being able to start the engine in a petrol car to run the air-conditioning, it’s going to start consuming the fuel you have in the tank. If your car is parked on the drive overnight or at work for 10 hours and left running, you could have very little fuel left when you get back to it... You’d be stranded.”
At the same time, hackers could also have access to your journey history and eco-stats, which, while unnerving, pales in comparison to recent car hacks.
As Troy Hunt says in his blog: “It’s a different class of vulnerability to the Charlie Miller and Chris Valasek Jeep hacking shenanigans of last year, but in both good and bad ways. Good in that it doesn’t impact the driving controls of the vehicle, yet bad in that the ease of gaining access to vehicle controls in this fashion doesn’t get much easier – it’s profoundly trivial.”
Hunt also found that as soon as his friend disconnected his app from the Nissan Leaf, it was no longer hackable.
How do I protect myself? And is there a fix?
The app is currently down while Nissan fixes the issue, so you’re not currently at risk. However, if you’re still worried, it could be worth unpairing the app from your Leaf and then removing the app from your phone.