The rise of connected cars has brought convenience but also a new wave of cybersecurity risks. In 2025, over 612,000 UK businesses fell victim to cyberattacks, and with vehicles increasingly relying on digital systems, they are becoming a growing target for criminals. While large-scale, safety-critical hacks remain rare, the potential for disruption and data theft is real.
The Evolution of Automotive Cybersecurity
For years, automotive cybersecurity was an afterthought. But as vehicles became more connected — with embedded modems, infotainment systems, and smartphone integration — the threat landscape rapidly changed. Today, the UK alone has over 19 million connected cars, a number that continues to climb with each new model. This makes modern vehicles, in effect, “laptops on wheels,” vulnerable to the same kinds of attacks as any other internet-connected device.
Real-World Risks: From Remote Control to Data Theft
Early research demonstrated just how exposed cars once were. In 2010, researchers proved they could remotely control a vehicle’s systems, even disabling brakes or killing the engine. While this level of direct control is now mitigated by regulations like UN Regulation No. 155 (R155), which mandates cybersecurity standards for new vehicles, vulnerabilities persist.
The bigger risk today isn’t necessarily catastrophic remote control but rather data theft. Connected services require logins, storing personal and financial information that criminals can exploit. In 2024, a third-party data breach at Renault exposed customer names, addresses, and vehicle details. Even simply leaving your login in a car’s infotainment system can leave you vulnerable when selling or returning a vehicle.
The Threat Landscape: Who’s Targeting Cars?
While widespread vehicle-crippling attacks haven’t materialized, the potential exists. One isolated incident in 2015 saw hackers remotely control a Jeep Cherokee, forcing it off the road. The primary deterrent isn’t just security but also a lack of clear financial incentive for many criminals. However, nation-states or well-funded groups could weaponize car hacking for espionage or sabotage.
Recent research at Cornell University found “systemic protocol weaknesses” in vehicles like the Tesla Model 3, raising concerns about sophisticated digital hijacking. The UK Ministry of Defence has even banned certain electric cars with Chinese-made components from military bases, citing espionage risks.
The Future: Autonomous Cars and Fleet-Wide Vulnerabilities
The next frontier of automotive cybersecurity is autonomous vehicles. Many advanced systems rely on centralized AI, housed in external data centers rather than within the car itself. This creates a single point of failure: a successful attack could disrupt entire fleets, potentially even causing safety incidents.
Manufacturers like Hyundai are investing heavily in cybersecurity labs and over-the-air updates, mirroring the evolution of home computer security. But the arms race is ongoing, with new vulnerabilities emerging constantly.
Staying Safe: Practical Steps for Drivers
While manufacturers work to harden defenses, drivers can take steps to mitigate risks:
- Turn off unused services: Bluetooth, Wi-Fi, and other connections can be exploited if left active.
- Keep software updated: Manufacturers release patches for known vulnerabilities.
- Use strong passwords: Protect connected services with unique, secure credentials.
- Be cautious with third-party apps: Only install from trusted sources.
- Delete personal data: Remove logins, Bluetooth pairings, and navigation history before selling or returning a vehicle.
The Bottom Line
Car hacking is a growing threat that demands vigilance. Though catastrophic attacks remain rare, the risk of data theft and disruption is real. By understanding the vulnerabilities and taking basic security measures, drivers can reduce their exposure in this evolving digital landscape. Manufacturers must continue to innovate and prioritize cybersecurity to ensure connected vehicles remain safe and secure.
