Last week, a suspected thief’s getaway vehicle turned into his jail cell when BMW employees managed to track and remotely lock a stolen car in Seattle, according to police.
After contacting BMW corporate, officers were given the current location of the vehicle by an employee. Police say they found the car idling in an alley with the suspect asleep inside. From the SPD Blotter:
BMW employees were able to remotely lock the car’s doors, trapping the suspect inside, presumably while hissing something terrifying like “I’m not locked in here with you, you‘re locked in here with me” into the car’s sound system.
Officers roused the suspect, who quickly, but unsuccessfully, tried to drive away.
Police say they then booked the suspect for auto theft and drug possession.
While the city police blotter did not specify how employees locked the vehicle, BMW offers a service that allows call center staff to “remotely lock or open the doors to your vehicle as needed” through the company’s SIM card-based ConnectedDrive system.
In 2015, BMW announced that it was increasing security on ConnectedDrive after the German Automobile Association found it could wirelessly send any command through the system, which apparently used no encryption. And in July, a security researcher discovered that BMW’s own ConnectedDrive web portal appeared to have vulnerabilities that allowed attackers to hack vehicles through a browser.
Now, as always, such great power comes with great responsibility.