Modern vehicles are more connected than ever before, but that convenience comes with a growing cybersecurity risk. With cars now functioning much like smartphones on wheels, experts say it’s only a matter of time before cyber criminals turn greater attention to the automotive world.

Over the past decade, vehicles have rapidly evolved into highly digitised machines, often equipped with built-in internet connectivity, smartphone integration and over-the-air software updates. While these features enhance usability, they also introduce new vulnerabilities. As one industry expert explains, cars today are effectively “internet devices” – and that makes them potential targets.

The risks aren’t purely theoretical. Early research demonstrated that hackers could remotely access a vehicle’s electronic systems, even interfering with critical functions such as braking or engine operation. While real-world incidents remain rare, the potential consequences have driven tighter global regulations, including mandatory cybersecurity standards for new vehicles introduced in recent years.

1

A real-world example of how disruptive cyber attacks can be came with the ransomware hit on Jaguar Land Rover. The attack crippled the company’s IT systems, forcing a shutdown of production lines and delaying vehicle deliveries for weeks. Customers were left waiting longer for new cars, while servicing and parts supply were also impacted. The incident showed that even when vehicles themselves aren’t directly hacked, the wider automotive ecosystem – from manufacturing to aftersales – can be severely affected.

AutoExpress recently visited Hyundai Motor Group’s advanced technology facility in Frankfurt, Germany, where cybersecurity is treated as a core part of vehicle development. The site houses a dedicated laboratory focused on testing and strengthening digital defences across Hyundai, Kia and Genesis models.

1

The facility also plays a key role in developing over-the-air software updates, which allow manufacturers to fix vulnerabilities remotely. Hyundai engineers liken the current state of automotive cybersecurity to the early days of personal computers – before antivirus protection became standard – highlighting just how rapidly the threat landscape is evolving.

More commonly, however, the threat lies in data theft rather than dramatic vehicle takeovers. Modern infotainment systems often store sensitive personal information, including names, addresses and even payment details. This makes them an attractive target for cyber criminals seeking financial gain. In one recent case, attackers breached a third-party supplier linked to a major car brand, exposing customer data and highlighting the broader ecosystem risk.

Even everyday habits can create vulnerabilities. Studies have found that many used cars still contain personal data from previous owners, including phone contacts and navigation history. Failing to delete this information when selling a vehicle can leave drivers exposed to identity theft.

Looking ahead, the rise of semi-autonomous and fully autonomous vehicles could further increase the stakes. Many advanced systems rely on centralised data networks, meaning a single cyber attack could potentially disrupt entire fleets rather than just individual cars.

Despite these concerns, experts stress that large-scale attacks remain unlikely for now, largely because there is limited financial incentive compared to other forms of cybercrime. Still, the evolving nature of threats means vigilance is essential.

For drivers, simple precautions can make a significant difference: keep vehicle software updated, avoid unsecured Wi-Fi networks, use strong passwords and always wipe personal data before selling or returning a car. Treating your vehicle with the same cybersecurity awareness as your phone or laptop may soon become second nature.

Keeping your car safe

Turn off unused connections: Disable Bluetooth, Wi-Fi or in-car hotspots when not in use to reduce potential entry points for hackers.

Keep software updated: Regular updates (including over-the-air updates) help fix security vulnerabilities and keep your vehicle protected.

Be cautious with apps and devices: Only install trusted apps and be careful when plugging in USB drives or external devices.

Avoid public Wi-Fi networks: Unsecured or unknown networks can expose your car’s systems to cyber threats.

Use strong, unique passwords: Protect your connected services and apps with secure passwords, just like you would on your phone or laptop.

1

Protect your key: Store keys away from the car and consider using a Faraday pouch to block signal relay attacks.

Delete personal data before selling: Remove all stored information, including accounts, contacts and settings, before handing over a vehicle.

Clear navigation history: Stored locations can reveal personal routines and should be wiped.

Remove paired devices: Delete your phone and any Bluetooth connections to prevent access to contacts and call data.

Sign out of apps and services: Ensure streaming and connected service accounts (e.g. music or video apps) are logged out to protect personal and financial information.