Criminals are in a constant arms race with law enforcement, perpetually seeking innovative methods to circumvent security measures. As car manufacturers and police agencies enhance vehicle security and anti-theft strategies, car thieves are compelled to adopt increasingly sophisticated tactics. Recent intelligence reports from the National Insurance Crime Bureau (NICB) have shed light on emerging technologies that are becoming part of the modern car thief’s arsenal, moving beyond traditional “long tools” like slim jims and crowbars to embrace devices like the Flipper Zero and RFID cloning kiosks.
The Rise of the Flipper Zero in Car Theft
The Flipper Zero, while not incorporating groundbreakingly new technology, ingeniously combines a multitude of functionalities into a single, inconspicuous handheld device. As detailed in a recent NICB report, its capacity to read, record, and manipulate a wide spectrum of wireless signals – including radio frequency (RF), near-field communication (NFC), infrared, and RFID – presents significant security concerns, especially in the realm of vehicle theft. This versatile gadget has the potential to move beyond simple “long tools” traditionally associated with car theft, offering a more technologically advanced approach.
Imagine a scenario where a thief, armed with a Flipper Zero, could intercept and record the RF signal emitted by your car’s key fob. This recorded signal could then be replayed by the device to unlock and even start your vehicle. Even more alarmingly, the Flipper Zero could potentially be used to capture and replicate garage door opener signals. This not only grants thieves access to your car but also to your home, amplifying the potential for criminal activity far beyond simple vehicle theft.
While possessing a Flipper Zero is not illegal in itself, its potential for misuse has prompted Amazon to remove it from their marketplace due to security anxieties. Although still available through the manufacturer and other online retailers, Amazon’s ban could signal a trend, with other major marketplaces potentially following suit and restricting access to this device. This highlights the growing concern within the security community regarding the Flipper Zero’s capabilities as a modern “long tool” for illicit activities.
Car manufacturers have been proactively implementing safeguards to protect vehicles from hacking attacks of the kind the Flipper Zero enables. Currently, the threat posed by devices like the Flipper Zero appears to be primarily directed at older vehicle models that utilize fixed numeric codes in their key fobs. Fixed codes remain constant, whereas newer vehicles are equipped with rolling codes. Rolling code technology dynamically changes the numeric code transmitted with each use of the key fob. The complexity of rolling codes currently makes it significantly more challenging for devices like the Flipper Zero to effectively intercept and replicate a usable code, as the device user would need to overcome numerous variables to successfully compromise the system. However, with technology evolving at an unprecedented pace, the security advantage offered by rolling codes may not be enduring.
RFID Cloning Kiosks: Another “Long Tool” in the Modern Thief’s Toolkit
Another significant concern highlighted in NICB’s 2023 reports is the emergence of kiosks capable of copying or cloning RFID signals from key fobs and key cards. RFID technology uses radio frequencies to facilitate wireless communication between an RFID tag and a reader device, typically within a short range. This technology is widely used for controlled access systems in businesses and organizations. These kiosks, readily available in public spaces, represent a different kind of “long tool” – one that operates by exploiting the convenience of modern access systems.
These RFID cloning kiosks function by physically scanning a key fob or key card and then creating a duplicate. While some kiosks can produce a copy within a short 15-minute timeframe, others may take several days to process and deliver the cloned key or fob via mail. Adding to the risk, some kiosks possess the capability to store RFID scans for future use and even allow these digital copies to be shared through a proprietary application, creating a network for potential misuse.
The technology behind RFID scanning is not inherently illegal. However, the increasing prevalence of these kiosks in everyday locations like retail stores, gas stations, and grocery stores raises concerns about potential abuse for criminal purposes. Thieves could exploit these kiosks to duplicate stolen key fobs or those temporarily obtained from rental cars, enabling them to steal targeted vehicles at a later time. Furthermore, the ability to copy key cards for businesses and government facilities could lead to unauthorized access to sensitive information and secure areas. The versatility of these kiosks extends to creating RFID copies in various forms, including stickers, which could be discreetly attached to items like cell phones for concealed use in illicit activities.
Further Technological Threats: AirTags and Key Programmers as “Long-Reach Tools”
Beyond Flipper Zero and RFID kiosks, NICB is also monitoring other devices that could be exploited by criminals to steal vehicles, including Apple AirTags and key programming devices originally intended for legitimate automotive professionals. These represent “long-reach tools” in the sense that they can facilitate theft from a distance or through indirect means.
Apple AirTags, designed to help users track lost items like keys or phones, present a potential risk if misused for vehicle theft. A thief could surreptitiously place an AirTag on a target vehicle in a public parking area or even at a car dealership. Using a smartphone app, they could then track the vehicle’s movements to a more convenient location, such as the owner’s residence, to facilitate theft. This transforms a helpful tracking device into a “long-reach tool” for criminal surveillance.
Key programming devices, while presenting logistical challenges for criminals in terms of cost and acquisition without raising suspicion, are powerful tools in the wrong hands. Designed for locksmiths, dealership personnel, and other automotive professionals, these devices can store the necessary data to program new keys for vehicles. Criminals have been known to target dealerships to steal newer, high-demand vehicles by exploiting these key programming devices after business hours. These devices, therefore, represent sophisticated “long tools” that bypass traditional security measures.
While these emerging technological threats may seem daunting, it’s crucial to recognize that NICB, alongside law enforcement and government agencies, is actively working to understand and counter these evolving methods. NICB remains committed to its role as a leading force in the fight against insurance fraud and vehicle crime, dedicated to informing stakeholders and the public about new and emerging threats. Only through collaborative efforts can we effectively combat these modern “long tools” of vehicle crime and stay ahead of evolving criminal tactics.
