Overview
Connected and autonomous vehicles represent a fundamental shift in automotive technology, integrating advanced systems including 3D mapping, IoT devices, cloud-based services, LAN/CAN networks, and autonomous driving capabilities. However, this connectivity creates unprecedented cybersecurity challenges. According to the data, modern vehicles contain over 100 million lines of software code and dozens of Electronic Control Units (ECUs) connected via multiple electronic buses with different speeds and characteristics.
The connected car market is projected to reach $225.16 billion by 2027, with 115 million connected cars expected globally by 2025. Despite industry progress in recent years—the automotive sector began seriously investing in cybersecurity solutions approximately six years before 2021—significant vulnerabilities remain across the vehicle ecosystem.
Key Threats
Attack Surfaces and Entry Points
Connected vehicles present multiple potential in-car and remote access points that attackers can exploit:
- Physical/Local Access: OBD-II ports, USB and SD card slots, keyless entry systems, Bluetooth connections
- Wireless/Remote Access: Wi-Fi, embedded modems, telematics systems, smartphone app integrations, cloud-connected services
- Sensor Networks: Multiple sensors across the vehicle creating expanded hacking surfaces for privacy invasion and personally identifiable information (PII) exposure
- Electronic Control Units: Dozens of interconnected ECUs with varying security implementations
Specific Attack Categories
Vehicle Theft and Keyless Entry Exploitation: In September 2021, New York City police raided a car-theft ring that stole vehicles using cloned key fobs with security codes purchased online. The thieves also used aftermarket scanning tools to reprogram vehicle ignitions, creating a critical vulnerability in keyless entry systems.
Fleet-Wide Compromise Risks: As noted by Tesla leadership, a fleet-wide hack of connected vehicles could have disastrous consequences. The Controller Area Network (CAN) provides a direct attack vector to vehicle systems.
Manufacturing and Supply Chain Attacks: In June 2020, a car manufacturer halted production across most North American plants following a ransomware attack, demonstrating that the automotive industry is a high-value target for cybercriminals.
Privacy and Data Breach Risks: Connected cars enable invasion of privacy through sensor networks and data collection. A 2021 HSB/Munich Re survey found that 35% of consumers feared cyberattacks could damage or destroy vehicle data, software, or operating systems. Additionally, 51% of consumers syncing smartphones with vehicles don't know what personal information is stored in the vehicle's entertainment system.
Escalating Attack Trends
Cyberattacks targeting CASE (Connected, Autonomous, Shared, and Electric) vehicles increased 225% from 2018 through 2021, while vulnerabilities rose 321%. In the UK, the National Police Chiefs' Council reported a 3.1% increase in vehicle crime as of June 2021. Industry projections indicate the sector could lose more than $500 billion to cyberattacks by 2024.
Notable Incidents
2015 - Security-Related Recall: The first and only major security-related car recall affected 1.4 million vehicles after researchers demonstrated how an attacker could remotely control a connected car. This incident brought automotive cybersecurity into public awareness.
June 2020 - Ransomware Attack on Manufacturer: A major car manufacturer suspended production across most North American plants following a ransomware attack, highlighting the vulnerability of automotive manufacturing infrastructure.
September 2021 - New York Car Theft Ring: NYPD raids uncovered sophisticated vehicle theft operations using cloned key fobs (security codes purchased online and encoded into devices by locksmiths) and aftermarket scanning tools to reprogram vehicle ignitions.
Consumer Awareness and Industry Response
Consumer concern about connected vehicle cybersecurity is substantial and growing. A 2018 Irdeto survey found that 53% of consumers planning to purchase vehicles would research the vehicle's cyberattack protection, rising to 62% among ages 25-34. A 2021 HSB poll found that 37% of U.S. motorists were "somewhat or very concerned" about connected vehicle cybersecurity.
The automotive industry has responded with increased investment in hardware and software security solutions. Industry standards and regulations are emerging to accelerate deployment of cybersecurity protections across all connected vehicles. The 2nd Billington Automotive Cybersecurity Summit (August 2018) attracted 500 attendees and included keynote participation from GM CEO Mary Barra and U.S. Secretary of Transportation Anthony Foxx, indicating executive-level commitment to addressing these threats.
Recommendations
Technical Security Measures
- Integrated Hardware and Software Security: Deploy comprehensive cybersecurity solutions across all ECUs with real-time threat intelligence and automated response capabilities.
- Network Segmentation: Implement strategic segmentation of in-vehicle networks to isolate critical systems (brakes, steering, engine management) from infotainment and connectivity systems.
- Component Authentication: Establish connected component authentication protocols to prevent unsecured components from accessing vehicle systems.
- Virtualization and Containerization: Deploy virtualization techniques to isolate different vehicle subsystems and limit the blast radius of compromised components.
- Software Security Practices:
  - Implement secure coding standards across all vehicle software development
  - Establish vulnerability disclosure programs and patch management processes
  - Conduct rigorous code review and security testing
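One way to express the network segmentation measure above in a gateway ECU, shown as an added example rather than code from the source: a default-deny filter that lets a frame cross between domains only when direction, CAN ID, payload length and rate all match a rule. The domain names, CAN IDs, lengths and rate limits are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed policy: domains, CAN IDs, lengths and limits are illustrative. */
typedef enum { DOM_INFOTAINMENT, DOM_POWERTRAIN } domain_t;
typedef enum { GW_FORWARD, GW_DROP_NO_RULE, GW_DROP_BAD_LEN, GW_DROP_RATE } gw_verdict_t;

typedef struct {
    domain_t src, dst;    /* direction in which the frame may cross */
    uint16_t can_id;      /* 11-bit identifier */
    uint8_t  dlc;         /* exact payload length expected */
    uint32_t min_gap_ms;  /* minimum spacing between forwarded frames */
} gw_rule_t;

static const gw_rule_t RULES[] = {
    { DOM_POWERTRAIN,   DOM_INFOTAINMENT, 0x3E0, 8,  10 }, /* speed, for display */
    { DOM_POWERTRAIN,   DOM_INFOTAINMENT, 0x3E1, 4, 100 }, /* charge level */
    { DOM_INFOTAINMENT, DOM_POWERTRAIN,   0x510, 2, 100 }, /* climate request */
};
#define N_RULES (sizeof RULES / sizeof RULES[0])
static uint32_t last_fwd_ms[N_RULES];
static bool     forwarded_before[N_RULES];

/* Default deny: a frame crosses only if a rule matches direction, ID, length and rate. */
gw_verdict_t gw_filter(domain_t src, domain_t dst, uint16_t can_id,
                       uint8_t dlc, uint32_t now_ms)
{
    for (size_t i = 0; i < N_RULES; i++) {
        const gw_rule_t *r = &RULES[i];
        if (r->src != src || r->dst != dst || r->can_id != can_id)
            continue;
        if (dlc != r->dlc)
            return GW_DROP_BAD_LEN;
        if (forwarded_before[i] && (uint32_t)(now_ms - last_fwd_ms[i]) < r->min_gap_ms)
            return GW_DROP_RATE;
        forwarded_before[i] = true;
        last_fwd_ms[i] = now_ms;
        return GW_FORWARD;
    }
    return GW_DROP_NO_RULE;
}

int main(void)
{
    /* Same ID, opposite directions: status may leave the powertrain, not enter it. */
    printf("%d\n", gw_filter(DOM_POWERTRAIN, DOM_INFOTAINMENT, 0x3E0, 8, 1000));
    printf("%d\n", gw_filter(DOM_INFOTAINMENT, DOM_POWERTRAIN, 0x3E0, 8, 1001));
    return 0;
}
```

Because rules are keyed on direction, a status ID that the powertrain may broadcast to the infotainment domain is still dropped when it arrives from the infotainment side.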
Operational and Governance Measures
- Supply Chain Security: Require suppliers to implement security standards and conduct security assessments of third-party components.
- Cloud Platform Security: Secure all telematics and cloud-connected services with encryption, authentication, and access controls.
- Regulatory Compliance: Align with emerging automotive cybersecurity standards and regulations to ensure baseline protection.
- Secure Charging Infrastructure: Implement security measures at EV charging stations to prevent attacks through this emerging access point.
- Data Privacy Protection: Establish clear data protection strategies and limit collection of personally identifiable information from vehicle sensors and user devices.
Consumer and Fleet Management
- Consumer Education: Provide clear guidance on connected car security features, risks associated with synced devices, and data stored in vehicle systems.
- Fleet Security Monitoring: Implement monitoring and detection systems to identify suspicious vehicle behavior or unauthorized access attempts.
- Regular Updates and Patches: Establish over-the-air (OTA) update mechanisms for rapid deployment of security patches across vehicle fleets.
- Access Control: Implement strong authentication for all remote access points including mobile apps, keyless entry, and diagnostic systems.
Industry Collaboration
- Information Sharing: Participate in industry threat intelligence sharing to identify emerging attacks and vulnerabilities.
- Standards Development: Actively engage in development of automotive cybersecurity standards and best practices.
- Executive Accountability: Establish cybersecurity governance at the executive level with clear accountability for security outcomes.
Source: CyberBriefing intelligence synthesis from 20 years of historical threat data.