Insights
Cybersecurity in connected vehicles: How automakers and consumers can stay secure
Rahul Raina, Regional Business Development Director, UST Sdn Bhd
Explore how automakers are securing connected vehicles with AI, blockchain, and smart design to stay ahead of evolving cyber threats.
Rahul Raina, Regional Business Development Director, UST Sdn Bhd
UST Automotive Solutions
As vehicles become increasingly connected, they're evolving into complex, software-defined systems that resemble data centers on wheels. This transformation redefines mobility through real-time navigation, predictive maintenance, and autonomous driving.
However, it also expands the attack surfaces across the vehicle's digital and physical systems. Each interface, sensor, and wireless connection adds to the challenge of keeping vehicles secure.
For automakers and suppliers, cybersecurity is no longer just an IT concern. It's a core part of product safety, customer trust, and long-term brand value.
With the industry moving toward fully connected and autonomous vehicles, protecting the entire ecosystem—from embedded systems to cloud-based vehicle security solutions—has become a critical priority. That includes a growing emphasis on IoT-enabled vehicle protection, where security must extend across in-vehicle systems, edge devices, and the broader connected infrastructure.
Recent trends underscore the urgency. In 2024, 60% of cybersecurity incidents in the automotive and smart mobility sectors affected thousands to millions of assets. Even more concerning, attacks impacting millions of vehicles more than tripled—from 5% in 2023 to 19% in 2024. The automotive cybersecurity market is projected to grow from $3.9 billion in 2023 to $5.9 billion by 2025.
This blog explores the significant threats, pressing challenges, and emerging technologies shaping the future of cybersecurity in connected vehicles.
DIVIDER
Why cybersecurity matters in connected vehicles
Connected vehicles don't just move people—they handle an ever-growing stream of data, from location and driving behavior to personal preferences and vehicle diagnostics. This information must be protected to preserve privacy, safety, and system reliability. A cyberattack could turn off critical functions like steering or braking, putting lives at risk. Even less dramatic breaches—such as unauthorized access to personal data—can lead to financial and legal consequences. Consumers expect their vehicles to be as secure as their smartphones, and they're quick to lose trust when companies do not meet those expectations.
DIVIDER
Major cybersecurity threats in connected and autonomous vehicles
The complexity of connected and autonomous vehicles introduces a broad range of cybersecurity threats that extend beyond traditional IT threats. Key areas of concern include:
- External attacks: Wireless interfaces such as Bluetooth, Wi-Fi, cellular, and V2X are common entry points for remote attackers. V2X security risks include spoofed messages, denial-of-service attacks, and unauthorized access through compromised roadside infrastructure or public networks. Once inside, attackers may manipulate vehicle behavior or extract sensitive data.
- Internal vulnerabilities: Over-the-air (OTA) updates, while essential for maintaining modern vehicles, can become attack vectors if not properly secured. Weak encryption, flawed authentication, or gaps in the update process can be exploited to install malicious code or disrupt vehicle functions.
- Autonomous system threats: Self-driving vehicles rely on real-time decision-making powered by machine learning and sensor fusion. These systems are vulnerable to attacks such as data poisoning, sensor spoofing, or manipulation of inputs—any of which could compromise secure data transmission in autonomous vehicles and lead to unsafe behavior.
These risks demand a multi-layered vehicle cybersecurity approach that addresses both digital infrastructure and vehicle functionality in real time.
DIVIDER
Security challenges for OEMs and suppliers
While cybersecurity threats to connected vehicles are becoming more sophisticated, the real challenge for automakers and suppliers is securing an overly complex ecosystem. Modern vehicles are assembled from thousands of hardware and software components, many sourced from third-party vendors and Tier 1 suppliers. This distributed supply chain makes it difficult to enforce consistent security standards and maintain visibility across the system.
The evolving nature of vehicle software adds to the complexity. Features are no longer fixed at the point of sale—continuous updates, remote diagnostics, and in-field enhancements are now standard. This requires robust lifecycle management to ensure every update, patch, or integration maintains system integrity without introducing new vulnerabilities.
Real-time protection is another major hurdle. Vehicles operate in unpredictable environments and must defend against threats on the move, often with limited computing and power resources. Traditional security models built for static, centralized systems no longer apply. OEMs and suppliers must adopt new strategies that account for real-time detection, secure communications, and the constraints of embedded systems.
Together, these challenges highlight the need for a more adaptive, end-to-end approach to cybersecurity across the entire vehicle lifecycle.
DIVIDER
Consequences of a breach: Real-world examples
The increasing connectivity of modern vehicles has led to significant cybersecurity vulnerabilities. In June 2024, researchers discovered a flaw in Kia's web portal that allowed attackers to remotely track vehicles, unlock doors, and start the ignition on models dating back to 2013. The issue stemmed from insufficient API protections and was only resolved after public disclosure, raising concerns about the security of consumer-facing connected services.
Later that year, a separate breach affected approximately 800,000 electric vehicles across Volkswagen's brands, including Audi and Skoda. The leak exposed highly accurate location data—down to ten centimeters—and personal contact details, accessed through misconfigured cloud storage linked to the vehicle software platform. Although financial data was not compromised, the incident highlighted the risks associated with the large-scale data collection and centralized systems that underpin modern connected vehicles.
These incidents underscore the tangible risks associated with connected vehicles. Beyond compromising safety and privacy, such breaches can lead to costly recalls, legal actions, and long-term reputational damage. They emphasize the urgency for automakers and suppliers to embed security throughout the vehicle lifecycle—from design and sourcing to deployment and updates.
DIVIDER
Navigating regulations and compliance
As cybersecurity threats grow, regulatory mandates are evolving to hold automakers accountable for protecting connected vehicles. Two key standards are shaping the global landscape: ISO/SAE 21434 and UNECE WP.29.
ISO 21434 provides a comprehensive automotive cybersecurity framework for managing risks throughout the vehicle lifecycle, from concept and development to post-production support. It emphasizes risk assessment, threat modeling, and secure-by-design principles.
UNECE WP.29, adopted by many European and Asian countries, requires automakers to implement cybersecurity management systems (CSMS) and demonstrate compliance before selling vehicles. It also mandates ongoing monitoring and incident response capabilities.
Beyond these, automakers must also navigate region-specific mandates in North America, China, and elsewhere, each with its own expectations for reporting, data protection, and supply chain accountability. Staying ahead of these evolving requirements is essential for market access and building consumer and regulatory trust in a connected future.
Together, these requirements reflect the industry's need for a holistic cybersecurity strategy that spans the entire vehicle lifecycle—from development to deployment.
Building a durable foundation for connected vehicle security
Meeting regulatory expectations is only part of the equation. True cybersecurity resilience starts with how vehicles are designed. A secure-by-design approach embeds protection at every layer of the vehicle architecture rather than relying on reactive fixes.
DIVIDER
Key components of a secure vehicle architecture include:
- ECU vulnerability assessment: Identifying and mitigating security weaknesses in individual electronic control units early in the development cycle helps prevent risks from propagating through the system.
- Hardware security modules (HSMs): These tamper-resistant modules safeguard cryptographic keys and enable secure communication between ECUs, ensuring that only authenticated software and messages are accepted.
- Intrusion detection systems (IDS): Embedded within vehicle networks, IDS supports real-time vehicle threat monitoring by analyzing traffic patterns and system behavior to detect anomalies or signs of attack.
- Zero-trust architecture for in-vehicle networks: Rather than assuming internal systems are safe by default, zero-trust models require continuous verification for every interaction. This limits lateral movement and enforces stricter access controls across in-vehicle systems.
- Secure over-the-air (OTA) updates: OTA systems must include strong encryption, authentication, and rollback protections to prevent tampering. They allow for timely software security patches and long-term system resilience when implemented securely.
DIVIDER
The evolving role of emerging technologies in vehicle cybersecurity
As vehicle systems become more complex and data-driven, emerging technologies play a vital role in strengthening cybersecurity. These tools add adaptability, speed, and intelligence to traditional defenses:
- Artificial intelligence: AI helps detect threats in real time by analyzing large volumes of sensor and network data. Unlike static rules, AI models can identify subtle anomalies or patterns that signal emerging attacks, enabling faster, more proactive responses.
- Blockchain: Distributed ledger technology enhances data integrity and trust across the vehicle ecosystem. It is beneficial for securing over-the-air updates, verifying software authenticity, managing digital identities, and tracking component history.
- 5G and edge computing: These technologies reduce latency and enable faster, localized responses to threats. Edge computing processes data closer to the vehicle, supporting real-time vehicle threat monitoring, while 5G provides high-speed connectivity across fleets and connected infrastructure.
DIVIDER
Conclusion
With the rapid evolution of connected, autonomous, and software-defined vehicles, cybersecurity is no longer a back-end consideration—it's foundational to safety, trust, and long-term success. The risks are real, and the consequences of a breach can be severe, affecting not just data, but lives, infrastructure, and brand reputation.
Meeting these challenges requires a multi-layered approach that includes secure design, regulatory compliance, real-time protection, and emerging technologies. Yet, no single player can solve this alone. OEMs, suppliers, software vendors, and even consumers all have a role to play in building a secure automotive future.
Collaboration and vigilance will be essential as threats evolve and vehicles become more integrated with digital ecosystems. The road ahead demands bold innovation and lasting resilience.
To learn how UST is helping leading automakers strengthen connected vehicle security across software-defined systems, contact us to explore the future of mobility.
Resources
https://www.ust.com/en/insights/cyberattacks-in-the-ev-industry-a-disruption-waiting-to-happen