28 March 2019

A surge in vehicle thefts, including keyless car crime, has led to motor insurers paying out a record £1 million every day according to figures published today by the Association of British Insurers.  A new vehicle theft claim is now being made every six minutes.  The figures reflect rising vehicle crime, with Home Office figures recording a near 50% rise in vehicle thefts over the last five years – Home Office statistics show that 111,999 cars were stolen in 2017-18 (up from 75,308 in 2013-14; a rise of 48.7% in just 5 years).

ABI’s motor claims 2018 report published today shows that:

  • The cost of vehicle thefts (including from a vehicle), at £376 million, rose by 29% on 2017, to a record annual high. This equates to just over £1 million being paid every day. The number of claims, at 56,000, rose 12% on 2017, with a new theft claim being made every six minutes.
  • The cost of all motor claims paid, including property damage, personal injury and theft was over £8.6 billion. This works out at £16,000 every single minute. This was up by nearly half a billion pounds on 2017 to a record annual high. The average overall claim was £3,082.
  • £4.8 billion was paid out in vehicle repairs – repairing the policyholder’s vehicle or that of a third party and providing a replacement vehicle. The increasing sophistication of vehicles and a weaker pound contributed to more expensive vehicle repairs.

Laurenz Gerger, ABI’s motor policy adviser said:

“The resurgence in car crime is worrying. The record amounts paid to motorists by their insurers in part reflects the vulnerability of some cars to keyless relay theft. Action by motor manufacturers to tackle this high-tech vulnerability, allied with owners taking some simple, inexpensive precautions will help reverse this unwelcome trend.

“Despite rising vehicle crime, UK motorists continue to get the most from a very competitive motor insurance market, which saw the average premium fall in 2018, the first annual decrease since 2014. But with cost pressures around theft and repairs remaining, implementing the Civil Liability Act is crucial to delivering a fairer compensation system for claimants and reducing high legal costs, to help ensure competitively priced motor insurance.”

The majority of cars targeted are high-priced models from premium brands, such as Audi, BMW, Land Rover and Mercedes, which have strong resale values in foreign markets.  These vehicles can also be broken down into component parts and sold at high prices to unaware consumers.

Graham Gibson, chief claims officer of Allianz and Chairman of Thatcham Research said:

“Car theft is well and truly back and it’s costing insurers millions of pounds and causing our customers considerable inconvenience and in some cases real emotional stress.  In the face of a challenge caused by modern technology it’s ironic that reverting back to old fashioned sensible precautions like fitting a steering lock could prevent a car being stolen.”

A vast number of cars are manufactured with keyless entry systems, which allows owners to open their vehicle as long as the key is nearby, for example, in a bag or pocket, offering convenience to drivers. But this can be exploited by criminals.

Thieves are thought to be using technology to bypass entry systems on keyless cars or trick cars into thinking the key is in the criminal’s hand. As the same keyless remotes also start the car, once inside the same technology could be used to start the ignition and drive off with the car.

Keyless car theft explained

Passive keyless entry systems, which allow drivers to open and start their cars without removing the key fob from their pocket, can be exploited using a technique called the ‘Relay Attack.’ Usually operating in pairs, one criminal will hold a device up against the car, to capture the signal it sends out to the key. It then ‘boosts’ this signal to another device by the front wall of the house, which relays the signal to the key inside. This fools the car and key into thinking they are within the 2m range of operation, allowing the car to be unlocked and started. Once started the engine will not restart without the key present.

Recent testing by Thatcham Research gave six of the eleven 11 vehicles launched this year a ‘Poor’ rating as the keyless entry/start system they have as an option has no security measures to prevent theft by criminals using the so-called ‘Relay Attack’ technique.

Seven major car hacks*

1. Relay hack keyless entry

Although, usually, your car keys signal cannot reach the car from inside your home, criminals using a ‘relay box’ can boost the signal from your car keys even when they’re away from the vehicle and imitate the exact signal – causing your car to unlock and allowing the thief access.

Stay safe advice: The best way to protect yourself from this type of crime is to disable your key signal when not using your car or keeping your keys safe in a secure container that blocks the signal.

2. Keyless jamming

Another method used by criminals is preventing the car key locking signal from reaching your car – it means your car remains unlocked when you move away from it and the thieves are then able to access your unsecured vehicle.

Stay safe advice: To prevent this from happening, make sure to check your car doors manually and use a steering wheel lock that will stop thieves from being able to take your car, even if it is unlocked.

3. Tyre pressure monitor systems

A less obvious – and not well known – method is hackers who are able to interact with sensors inside a vehicle’s tyres.

This means they are able to track the vehicle and display false tyre pressure readings – this could then lure you to check the pressure at a garage and for thieves to pounce.

Stay safe advice: When you check your tyre pressure, lock all doors when you do and seek advice from a car garage if in doubt.

4. App flaw local remote control

Many cars possess telematics, often without the driver’s knowledge, as many vehicle tracking apps integrate with their technology.

Although this can be handy for those with internet connected cars, it does mean that if a server is misconfigured or can be deliberately altered, hackers can locate, unlock and potentially start the engine of nearby cars.

Stay safe advice: Speak to your car manufacturer for support.

5. Controller Area Network disabled safety features 

Hackers can access the internal car network through vulnerabilities in a car’s wi-fi or phone connections and send ‘denial of service’ signals which can shut down air bags, anti-lock brakes, and even door locks.

Stay safe advice: Changing your passwords regularly can help prevent hackers gaining access.

6. On-board diagnostics hack

Cars possess a feature called an ‘on-board diagnostic port’ which allows garages to access the internal data of a vehicle to perform tasks such as checking service light faults and programming new keys for their owners.

However, it is possible to buy kits which can use this port to program new keys for as little as £50, allowing hackers to use them to create new keys to access vehicles.

Stay safe advice: Use a steering lock to protect yourself and get advice from a reputable garage.

7. Phone phishing

If you use wi-fi in your car, hackers may be able to access it through phishing schemes.

They can send emails with links to malicious websites and apps that, if opened, take your details and even take control of any apps that you have on your phone that allow you to interact with your vehicle.

Stay safe advice: Be cautious when opening emails from unknown senders and do not open links within these emails if you do not know the source.

*Source: thisismoney.co.uk