A car on the brink of being hacked: how cyberthreats infiltrate vehicles straight from the factory.
Modern cars have effectively turned into rolling computers — with constant online connectivity, over-the-air updates, and software measured in tens of millions of lines. But along with the convenience comes a growing risk: cyberattacks. According to security researcher Eaton Zveare, automakers are already dealing with breaches they aren’t even aware of. He calls the situation “a ticking time bomb” and argues that the industry is severely underinvesting in cybersecurity.
The danger is hard to ignore: if a vehicle is compromised, an attacker could potentially interfere with steering or braking, or access massive amounts of personal data. At this year’s DEF CON, experts openly discussed just how easy it is to break into automotive systems today. The ballooning number of electronic control units only makes things worse — from roughly 30 units in 2000 to as many as 150 in today’s high-end models.
The industry is trying to respond. Groups like GlobalPlatform — which brings together carmakers, tech firms, and government organizations — are working on a unified security framework for future autonomous vehicles, along with tools to fight off intrusions. Yet many brands continue practices that run counter to security concerns, such as collecting personal data and sharing it with third parties. The case involving GM and OnStar showed how easily information can end up with insurance companies without the owner ever knowing.
Until cybersecurity becomes a true priority, the risks — both for automakers and for drivers — will only continue to grow.