Automotive Cybersecurity : Connected Cars & EVs

Automotive Resource
April 2023

As vehicles become increasingly connected, they are becoming more vulnerable to cyberattacks. Hackers can exploit vulnerabilities in the vehicle's software, hardware, or network to gain control of the vehicle, steal data, or cause physical damage. The automotive industry is committed to protecting the safety and security of its customers. Automotive cybersecurity is the protection of automotive systems & processes from malicious cyber attacks but automotive cybersecurity is a complex and evolving field.

Connected cars automotive cyber threats

Remote attacks on connected cars have been a major concern for many years, but the trend is only accelerating as “vehicle-to-everything” (V2E) systems . Remote hacking is one method used to remotely hack into a vehicle's computer systems, including exploiting vulnerabilities in the software, using phishing attacks to trick the driver into clicking on a malicious link, or using a nearby Wi-Fi hotspot to intercept data. Hackers can gain unauthorized access to a vehicle's computer systems and steal sensitive data, such as driver's license numbers, credit card numbers, and home addresses using a vulnerable surface data breach.

Vehicle takeover is the method tried by a few hacking groups to take control of VIPs' vehicles, including remotely disabling the brakes, steering, or accelerator. This could lead to accidents or other dangerous situations. Hackers can also use physical attacks to disable or damage a vehicle's electronic systems. This can be done by tampering with the vehicle's wiring, hacking into the vehicle's computer systems, or using a jammer to interfere with the vehicle's communications. Security researchers discovered Bluetooth-based relay attacks that can remotely unlock and operate Tesla vehicles is one such example for these cyber attacks.

Are Electric Vehicles free from Cyber Threats ?

As the Asia-Pacific market for EVs is increasing day by day, hackers are also keeping an eye on this sector. The Security flaws in EV charging stations could allow an attacker to receive free vehicle charges, or lock up the charging station completely. Schneider Electric is the one such company that announced patched security vulnerabilities in their EVlink range of electric vehicle charging stations that left them exposed to denial-of-service attacks. So if you are an EV Charging station provider make sure you perform a thorough security review on it to eliminate these kinds of cyber attacks.

Why are hackers targeting the automotive industry ?

Car Makers have already started offering subscription-based access to driving data from 3.7 million Smart Cars & EVs to commercial facilities and other clients. This billion-dollar business makes a tempting target for hackers to push attacks even in its supply chain. The hackers are targeting the value of the automotive data that can be stolen from vehicles. Vehicles contain a wealth of data about their owners, including their location, driving habits, personal information , vehicle's location, speed, and engine performance. This data is valuable to hackers, who can use it for a variety of purposes, such as identity theft, fraud, or even physical attacks etc.

Ensuring security in Automotive Sector: Automotive security Operations Centre (ASOC)

Car manufacturers need to take extra precautions to secure their vehicles and the rest of the supply chain in order to defend themselves against cyberattacks. Car manufacturers need to take extra precautions to secure their vehicles and the rest of the supply chain in order to defend themselves against cyberattacks. Collaboration and information exchange with partners can be improved to improve threat awareness and reaction. The security of automobile parts is heavily dependent on partners like third-party vendors. So Carmakers need to be more proactive in addressing cyber security risks by continuously monitoring, detecting, and analyzing the threat landscape.

Carmakers can also build an automotive security operations centre (ASOC) to secure their connected cars with the help of cyber security partners like Strava Cyber Labs - A Cyber Defence Centre. The CTC 18 Unit of Strava Cyber Labs can help the Carmakers to build a Next Gen SOC that covers automotive cyber security which ensures a quicker response to incidents and protects entire vehicle fleets from attacks. Along with SOC, the development of new security standards in the automotive industry help to protect vehicles from cyberattacks. These standards must cover a range of areas, such as software development, system architecture, and data security. The adoption of new security technologies in this sector, such as encryption, intrusion detection systems, and cyber security products also strengthen the automotive industry from cyberattacks.

Want to learn more about setting up an Automotive Security Operations Centre (ASOC) to secure the makers from evolving cyber threats? Speak with Strava Cyber Labs, CTC 18 Unit team of experts today.
About Strava Cyber Labs (P) Ltd - A Cyber Defence Centre
As a Cyber Defence Centre, Strava Cyber Labs (P) Ltd, lead the effort to understand, manage, and reduce risk in the cyber space of government, critical infrastructure, and business across the Globe. Visit for more information.