{"id":54562,"date":"2025-10-09T09:31:44","date_gmt":"2025-10-09T13:31:44","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=54562"},"modified":"2025-10-09T09:31:44","modified_gmt":"2025-10-09T13:31:44","slug":"automotive-security-2025","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/automotive-security-2025\/54562\/","title":{"rendered":"Highway to\u2026 hacked: cyberthreats to connected cars"},"content":{"rendered":"<p>It\u2019s been ten years since two researchers \u2014 Charlie Miller and Chris Valasek \u2014 <a href=\"https:\/\/www.wired.com\/2015\/07\/hackers-remotely-kill-jeep-highway\/\" target=\"_blank\" rel=\"noopener nofollow\">terrified a Wired journalist<\/a> (and then the whole world) with their remote hack of a Jeep Cherokee speeding down the highway. It played out like something straight out of a Stephen King novel \u2014 a possessed car gone rogue. The wipers started moving on their own, buttons stopped responding, the radio blasted uncontrollably, and the brake pedal went dead. We\u2019ve covered that case in detail plenty before: <a href=\"https:\/\/www.kaspersky.com\/blog\/remote-car-hack\/9395\/\" target=\"_blank\" rel=\"noopener nofollow\">here<\/a>, <a href=\"https:\/\/www.kaspersky.com\/blog\/blackhat-jeep-cherokee-hack-explained\/9493\/\" target=\"_blank\" rel=\"noopener nofollow\">here<\/a>, and <a href=\"https:\/\/www.kaspersky.com\/blog\/jeep-hacked-again\/12752\/\" target=\"_blank\" rel=\"noopener nofollow\">here<\/a>.<\/p>\n<p>Since then, cars have continued to evolve rapidly to integrate an ever-wider array of features. Digital electronics now control almost everything \u2014 from the engine and fuel systems to autopilot, passenger safety, and infotainment. 
That also means every interface or component can become a hacker\u2019s entry point: MOST, LIN, and CAN buses, OBD ports, Ethernet, GPS, NFC, Wi-Fi, Bluetooth, LTE\u2026 But hey \u2014 on the bright side, the latest CarPlay lets you change your dashboard wallpaper!<\/p>\n<p>Jokes aside, the most serious attacks no longer target individual vehicles, but rather their manufacturers\u2019 servers. In 2024, for example, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/toyota-confirms-third-party-data-breach-impacting-customers\/\" target=\"_blank\" rel=\"noopener nofollow\">Toyota lost 240GB of data<\/a>, including customer information and internal network details. A single compromised server can expose millions of vehicles at once.<\/p>\n<p>Even the United Nations has taken note, and for once didn\u2019t stop at \u201cexpressing concern\u201d. Together with automakers, the UN has developed two key regulations \u2014 <a href=\"https:\/\/unece.org\/transport\/documents\/2021\/03\/standards\/un-regulation-no-155-cyber-security-and-cyber-security\" target=\"_blank\" rel=\"noopener nofollow\">UN R155<\/a> and <a href=\"https:\/\/unece.org\/transport\/documents\/2021\/03\/standards\/un-regulation-no-156-software-update-and-software-update\" target=\"_blank\" rel=\"noopener nofollow\">UN R156<\/a> \u2014 setting high-level cybersecurity and software update requirements for vehicle manufacturers. Also relevant is the <a href=\"https:\/\/www.iso.org\/standard\/70918.html\" target=\"_blank\" rel=\"noopener nofollow\">ISO\/SAE 21434:2021<\/a> standard, introduced in 2021, which details methods to mitigate cyber-risks throughout vehicle production. Though the above, technically, are recommendations, automakers have a strong incentive to comply: mass recalls can cost tens or even hundreds of millions of dollars. 
Case in point: following the incident mentioned earlier, Jeep had to recall <a href=\"https:\/\/www.bbc.com\/news\/technology-33650491\" target=\"_blank\" rel=\"noopener nofollow\">1.4 million vehicles<\/a> in the U.S. alone \u2014 and faced a whopping <a href=\"https:\/\/www.bhfs.com\/Templates\/media\/files\/insights\/The%20Jeep%20Hacking%20Case%20Is%20Problematic.pdf\" target=\"_blank\" rel=\"noopener nofollow\">$440 million<\/a> in lawsuits.<\/p>\n<p>Surprisingly, the UN\u2019s efforts have had real impact. In the last two years, the strict new rules have already led to the <a href=\"https:\/\/c2a-sec.com\/list-of-discontinued-car-models-due-to-un-regulation-no-155-on-vehicle-cybersecurity\/\" target=\"_blank\" rel=\"noopener nofollow\">discontinuation of several older models<\/a>, simply because they were designed before the regulations came into force. The discontinued models in 2024 include the Porsche 718 Boxster and Cayman (July), Porsche Macan ICE (April), Audi R8 and TT (June), VW Up! and Transporter 6.1 (June), and Mercedes-Benz Smart EQ Fortwo (April).<\/p>\n<h2>What exactly can hackers do?<\/h2>\n<p>There are plenty of ways cybercriminals can cause trouble for drivers:<\/p>\n<ul>\n<li><strong>Creating dangerous situations.<\/strong> Disabling brakes, blasting loud music, or triggering other distractions (as in the Jeep case) can serve as psychological pressure or direct physical threats to anyone inside the vehicle.<\/li>\n<li><strong>Stealing telematics data.<\/strong> This can be used to launch a targeted attack on specific individuals. In 2024, millions of Kia vehicles were found vulnerable to remote tracking via a dealer portal. <a href=\"https:\/\/www.kaspersky.com\/blog\/tracking-and-hacking-kia-cars-via-internet\/52497\/\" target=\"_blank\" rel=\"noopener nofollow\">With just a license plate number<\/a>, attackers could locate the car in real time, lock or unlock the doors, start or stop the engine, and even honk the horn. 
Similar issues have affected <a href=\"https:\/\/samcurry.net\/web-hackers-vs-the-auto-industry\" target=\"_blank\" rel=\"noopener nofollow\">BMW, Mercedes, Ferrari, and other manufacturers<\/a>. Researchers also discovered that by <a href=\"https:\/\/www.kaspersky.com\/blog\/hacking-smart-car-alarm-systems\/26014\/\" target=\"_blank\" rel=\"noopener nofollow\">compromising smart alarm systems<\/a> they could listen to what\u2019s going on in the interior of the car, access vehicle history, and steal owners\u2019 personal data.<\/li>\n<li><strong>Stealing the car itself.<\/strong> For example, by using devices such as <a href=\"https:\/\/kentindell.github.io\/2023\/04\/03\/can-injection\/\" target=\"_blank\" rel=\"noopener nofollow\">CAN injectors<\/a>, which connect to the vehicle\u2019s CAN bus (through the headlight circuit, for example) and send commands that mimic signals from the real key.<\/li>\n<li><strong>Stealing payment data.<\/strong> You might wonder why a car would hold the owner\u2019s credit card info? Well, one was needed to pay for <a href=\"https:\/\/www.bbc.com\/news\/technology-62142208\" target=\"_blank\" rel=\"noopener nofollow\">BMW\u2019s heated seat subscription<\/a>, for example. But while that particular scheme was scrapped after a public backlash, the \u201ceverything-as-a-service\u201d trend continues. For example, in 2023, Mercedes-Benz offered electric car drivers the option to <a href=\"https:\/\/electrek.co\/2023\/04\/26\/performance-mercedes-benz-offers-paywalled-speed-upgrade-ev-lineup-eq\/\" target=\"_blank\" rel=\"noopener nofollow\">pay extra for faster acceleration<\/a>. The feature would shave 0.9 seconds off the 0\u2013100km\/h time for an annual fee of US$600\u2013900!<\/li>\n<\/ul>\n<h2>How real is the threat to your car?<\/h2>\n<p>First, let\u2019s determine which category your vehicle falls into. 
Kaspersky ICS-CERT experts <a href=\"https:\/\/ics-cert.kaspersky.com\/publications\/reports\/2025\/08\/21\/modern-vehicle-cybersecurity-trends\/\" target=\"_blank\" rel=\"noopener\">roughly divide all cars into three groups<\/a>:<\/p>\n<h4>Obsolete vehicles \u2014 no risk<\/h4>\n<p>Vehicles in this group have no interaction with external information systems via digital channels. Their control units are minimal, and the only interface (if any) is the diagnostic OBD port. They can\u2019t be hacked remotely, and there are no known cases of cyberattacks against them \u2014 the only real threat is traditional theft. Even if you install a modern multimedia head unit or an emergency response system, those modules remain isolated from the car\u2019s internal components, preventing any attack on critical systems.<\/p>\n<h4>Legacy vehicles \u2014 highest risk<\/h4>\n<p>These models fall in between older cars with nothing to hack (\u201cwhen cars were cars\u201d, etc.) and today\u2019s \u201ccomputers on wheels\u201d packed with sensors and interfaces. Most of their systems and controls are digital. They typically include a telematics unit for wireless connectivity, a powerful infotainment system, and intelligent driver-assistance features.<\/p>\n<p>Together, these modules form a poorly protected information network where the ability to remotely adjust vehicle settings or control certain systems creates plenty of potential attack vectors. Owners often replace the outdated factory head units with new ones from third-party manufacturers \u2014 which rarely prioritize cybersecurity.<\/p>\n<p>Such models are the most vulnerable to serious cyberattacks \u2014 including those that can endanger the driver\u2019s or passengers\u2019 lives. But no one is planning serious security updates for them anymore. 
That ill-fated Jeep mentioned earlier falls squarely into this category.<\/p>\n<h4>Modern vehicles \u2014 medium risk<\/h4>\n<p>The latest models take into account lessons learned from past mistakes, as well as newly developed standards and regulations. Manufacturers now use segmented network architectures with a central gateway that filters traffic to isolate critical systems from the components most exposed to attack \u2014 the infotainment and telecom modules.<\/p>\n<p>Major automakers (General Motors was among the first, plus Tesla, Ford, Hyundai, BMW, Mercedes, Volkswagen, Toyota, Honda, and component makers like Bosch and Continental) now have dedicated cybersecurity teams and conduct penetration testing.<\/p>\n<p>However, this doesn\u2019t mean these cars are completely secure. Researchers regularly find new vulnerabilities even in the most advanced models, because their attack surface is far larger than that of older vehicles.<\/p>\n<p>By the way, Kaspersky has developed its own car cybersecurity solution \u2014 <a href=\"https:\/\/os.kaspersky.com\/solutions\/kaspersky-automotive-secure-gateway\/?from=en\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Automotive Secure Gateway<\/a>, so our <a href=\"https:\/\/www.kaspersky.com\/top3\" target=\"_blank\" rel=\"noopener nofollow\">top-tier protection<\/a> will soon be available for vehicles too.<\/p>\n<h2>What to look out for when buying a car?<\/h2>\n<p>When buying a new vehicle these days, consider not only the technical specs but also its cybersecurity. 
Start by checking online for reports of cyberattacks on specific models or their manufacturers \u2014 such incidents rarely go unnoticed.<\/p>\n<p>If possible, find information about the following:<\/p>\n<ul>\n<li>The information network architecture of the car<\/li>\n<li>The presence of a central security gateway<\/li>\n<li>Separation of the car\u2019s network into security domains<\/li>\n<li>Support of CAN-message encryption<\/li>\n<\/ul>\n<p>You should also ask the dealer the right questions:<\/p>\n<ul>\n<li>What cybersecurity systems are built into the car?<\/li>\n<li>How often are software updates released for this model, and how are they installed?<\/li>\n<li>How can unused smart functions be disabled?<\/li>\n<\/ul>\n<h2>How do you set everything up correctly if you already have a car?<\/h2>\n<p>Start with the manufacturer\u2019s mobile app (if one exists).<\/p>\n<ul>\n<li>Set a strong, unique password that doesn\u2019t contain any personal information. For help with this, see <a href=\"https:\/\/www.kaspersky.com\/blog\/international-password-day-2025\/53355\/\" target=\"_blank\" rel=\"noopener nofollow\">Creating an unforgettable password<\/a>.<\/li>\n<li>Strengthen your account security with two-factor authentication or <a href=\"https:\/\/www.kaspersky.com\/blog\/full-guide-to-passkeys-in-2025-part-1\/53688\/\" target=\"_blank\" rel=\"noopener nofollow\">passkeys<\/a>, if available.<\/li>\n<li>Regularly check the activity log and the list of devices connected to your account.<\/li>\n<li>Disable any unused features in both the app and the car.<\/li>\n<\/ul>\n<p>Next, tighten up the privacy settings in the car itself.<\/p>\n<ul>\n<li>Turn off telemetry collection where possible.<\/li>\n<li>Limit access to microphones and cameras.<\/li>\n<li>Clear your travel history and saved contacts before selling the car.<\/li>\n<\/ul>\n<p>And let\u2019s not forget about managing connected devices.<\/p>\n<ul>\n<li>Regularly review paired <a 
href=\"https:\/\/www.kaspersky.com\/blog\/perfektblue-bluetooth-car-hack\/54159\/\" target=\"_blank\" rel=\"noopener nofollow\">Bluetooth devices<\/a>.<\/li>\n<li>If possible, prohibit Bluetooth pairing without confirmation.<\/li>\n<li>Remove connections to the devices of previous owners or passengers.<\/li>\n<li>Disable automatic connection to unknown Wi-Fi networks.<\/li>\n<\/ul>\n<p>A few final tips:<\/p>\n<ul>\n<li>Keep your car\u2019s software up to date: install firmware updates as soon as they\u2019re released. Enable automatic notifications for available updates in the car settings.<\/li>\n<li>Monitor telemetry access: regularly check <a href=\"https:\/\/www.kaspersky.com\/blog\/spies-on-wheels-how-carmakers-sell-your-intimate-data\/49341\/\" target=\"_blank\" rel=\"noopener nofollow\">what data your car collects and who it\u2019s shared with<\/a>. Many of the latest cars let you <a href=\"https:\/\/www.kaspersky.com\/blog\/car-manufacturers-silently-sell-user-telematics-data\/51245\/\" target=\"_blank\" rel=\"noopener nofollow\">limit personal data collection<\/a>.<\/li>\n<\/ul>\n<h2>What to do if you suspect your car is hacked?<\/h2>\n<p>First, ask yourself: \u201cWhat\u2019s the evidence?\u201d and check for the following signs of compromise:<\/p>\n<ul>\n<li>Vehicle features unexpectedly turning on and off<\/li>\n<li>Rapid battery drain with no obvious cause<\/li>\n<li>Strange notifications in the vehicle\u2019s mobile app<\/li>\n<li>Inability to control the car normally<\/li>\n<\/ul>\n<p>If you suspect a hack, do the following:<\/p>\n<ul>\n<li>Disconnect the car from the internet. Remove the SIM card if possible, or contact your mobile operator to block data transfer for the number linked to the vehicle.<\/li>\n<li>Change passwords for the car\u2019s mobile app. 
If possible, terminate all sessions tied to your account (often an option in the settings), or review all connections and remove any unknown devices.<\/li>\n<li>Take photos of any alerts the car displays.<\/li>\n<li>If you\u2019ve entered payment card details in the car, block the card immediately.<\/li>\n<li>Contact an authorized dealer for diagnostics.<\/li>\n<li>Contact the vehicle manufacturer\u2019s support.<\/li>\n<li>If you suspect data theft, report it to the police.<\/li>\n<\/ul>\n<p>Note that for private owners, the most likely threats are tracking and theft. However, for organizations that operate fleets (taxis, car-sharing, transportation or construction equipment companies), the risks are significantly higher. For a deeper dive into current automotive cybersecurity trends, check out our <a href=\"https:\/\/ics-cert.kaspersky.com\/publications\/reports\/2025\/08\/21\/modern-vehicle-cybersecurity-trends\/\" target=\"_blank\" rel=\"noopener\">report on the Kaspersky ICS CERT site<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Can hackers really hijack your car in 
2025?<\/p>\n","protected":false},"author":2775,"featured_media":54567,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2683,9],"tags":[651,1027,82,43,97,768,422,812,268],"class_list":{"0":"post-54562","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"category-tips","9":"tag-cars","10":"tag-connected-devices","11":"tag-hacking","12":"tag-privacy","13":"tag-security-2","14":"tag-surveillance","15":"tag-threats","16":"tag-tracking","17":"tag-vulnerabilities"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/automotive-security-2025\/54562\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/automotive-security-2025\/29718\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/automotive-security-2025\/24788\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/automotive-security-2025\/29607\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/automotive-security-2025\/40651\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/automotive-security-2025\/29813\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/automotive-security-2025\/35550\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/automotive-security-2025\/35173\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/cars\/","name":"Cars"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/54562","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2775"}],"replies":[{"embeddable":true,"href":"https:\/\/www.k
aspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=54562"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/54562\/revisions"}],"predecessor-version":[{"id":54570,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/54562\/revisions\/54570"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/54567"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=54562"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=54562"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=54562"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}