491
Revealed: car industry was warned keyless vehicles vulnerable to theft a decade ago
(www.theguardian.com)
This is a most excellent place for technology news and articles.
The articles I linked do explain how they can start a car in order to drive it away using the CAN injection hack. But they also talk about the key signal repeater attack which would give them access to the interior of the car which does two things. The first is that it allows them to have access to the hood release and thereby the horn and the fuse box. Pulling the connector to the horn, or the fuse that gives the horn and lights power will make it so even if the alarm activates it can't sound. It also gives them Access to the transmission select lever which allows them to physically put the car in neutral. With the use of a GPS jammer it would prevent the car from sending it's location anywhere. Rolling codes prevent them from walking by you in the grocery store, recording the code your fob was putting out at that moment and then using that code later to enter your vehicle and drive away with it. It does nothing to prevent the kind of attack ops article is alluding to.
https://driving.ca/features/feature-story/where-do-you-park-your-car-keys-preventing-relay-attacks
"The research uncovered a form of keyless vehicle theft neither researcher had seen before. In the past, thieves found success using what’s known as a relay attack. These hacks amplify the signal between the car and the keyless entry fob used to unlock and start it. Keyless fobs typically only communicate over distances of a few feet. By placing a simple handheld radio device near the vehicle, thieves amplify the normally faint message that cars send. With enough amplification, the messages reach the nearby home or office where the key fob is located. When the fob responds with the cryptographic message that unlocks and starts the vehicle, the crook's repeater relays it to the car. With that, the crook drives off." This quote is directly from the Ars Technica article.