How Automotive Companies Are Securing Connected Vehicles

The modern car is no longer a stand-alone machine. Vehicles are now computers on wheels with constant connectivity to external systems. This shift creates opportunities for safer, more efficient driving but also brings new cyber security challenges. The rise in vehicle hacking incidents, data theft, and remote manipulation of cars has placed this issue at the centre of global discussions.

This blog is written for business leaders in the automotive sector, IT professionals, and security officers who need to understand the risks of connected vehicles. It also offers value to students and individuals who want to expand their awareness of cyber security in transport.

Connected vehicles use technologies such as Wi-Fi, Bluetooth, 4G, 5G, and vehicle-to-everything (V2X) systems. These connections enable over-the-air updates, predictive maintenance, driver assistance, and infotainment services. While these features improve user experience, they also increase the attack surface for cyber criminals.

If you drive a connected car or build systems for them, you need to know how automotive companies are addressing these risks. Ignoring the threat could mean personal data exposure, compromised road safety, and serious reputational damage for manufacturers.

The more connected a vehicle becomes, the more exposed it is to external attack. Cars today communicate with cloud servers, mobile devices, charging stations, and even other vehicles. This constant flow of data opens up opportunities for criminals to exploit weak links.

One well-known incident was the Jeep Cherokee hack in 2015. Security researchers remotely took control of a Jeep through its infotainment system and manipulated steering, brakes, and acceleration. This demonstration forced Chrysler to recall 1.4 million vehicles (Greenberg, 2015). Such real-world cases highlight the dangers of insecure connected systems.

Modern threats include ransomware, denial of service, and theft of sensitive data. Attackers target both the vehicle and the backend servers that support it. In 2022, Upstream Security reported a 380 percent increase in automotive API attacks compared with 2021 (Upstream Security, 2022). APIs are central to vehicle communication, which makes them a priority for attackers.

If these risks are ignored, the consequences are serious. Criminals could track vehicles, intercept communications, or remotely disable safety features. For businesses, the fallout is financial losses, regulatory penalties, and erosion of customer trust. For drivers, it could mean compromised safety on the road.

Connected vehicles often contain multiple entry points for attackers. Infotainment systems, keyless entry, telematics units, and mobile apps all present vulnerabilities if not secured properly.

For example, researchers have demonstrated how poor encryption in keyless entry systems allowed them to clone signals and unlock vehicles without physical keys. Insurance companies in the UK have reported rising cases of relay thefts where criminals use inexpensive radio devices to intercept key fob signals and steal cars in under two minutes.

Another weak point lies in software supply chains. Vehicle manufacturers often rely on third-party providers for infotainment platforms, navigation systems, and cloud services. If any of these suppliers suffer a breach, attackers may gain indirect access to the vehicle network. The SolarWinds incident in 2020 showed how supply chain compromises have global impact. In the automotive sector, such risks are multiplied because vehicles have long lifecycles and depend on continuous software support.

Connected charging stations for electric vehicles present new vulnerabilities as well. A compromised charging station could allow criminals to steal billing information or spread malware to vehicles during charging.

These examples show how wide the attack surface has become. A single weakness in one component may compromise the entire system.

The urgency of automotive cyber security grows for three main reasons.

First, vehicle connectivity is increasing. By 2030, analysts predict that 95 percent of new cars sold worldwide will have internet access (Statista, 2023). This means billions of vehicles will be potential targets. For example, in 2022 researchers found flaws in APIs used by several leading manufacturers. These flaws exposed data such as vehicle location and allowed remote unlocking in some cases. The more cars connect to cloud services, the more opportunities exist for such exploits.

Second, the value of data is rising. Connected vehicles collect information about driver behaviour, location history, and personal preferences. This data is attractive to both advertisers and cyber criminals. Once exposed, drivers lose control of their privacy. For example, in 2021 a major US car manufacturer disclosed that a third-party service had leaked customer data including names, addresses, and vehicle identification numbers. In the UK, police have also warned that stolen telematics data from vehicles can be sold on the dark web to organised crime groups who track and target high-value cars.

Third, regulators are applying pressure. The United Nations introduced Regulation No. 155 on cyber security management systems for vehicles. This requires manufacturers to demonstrate that they have security processes in place across the supply chain. In the UK, the Department for Transport also published key principles for vehicle cyber security. These standards push companies to act now or risk non-compliance. A practical example is Toyota’s recall of thousands of cars in 2022 to patch software vulnerabilities in its telematics system to align with new security requirements. Manufacturers who ignore these rules face fines, restrictions, or reputational damage.

The combination of mass connectivity, valuable data, and legal obligations makes automotive cyber security one of the most urgent technology challenges today.

Automotive companies are adopting a range of measures to secure vehicles. These steps provide practical lessons for businesses and individuals.

Encryption is the foundation. Data moving between a vehicle and external servers must be encrypted to prevent interception. Strong authentication protocols help ensure that only authorised systems can communicate with the vehicle.

Regular software updates are also critical. Over-the-air updates allow manufacturers to patch vulnerabilities without requiring drivers to visit service centres. To work effectively, the update process itself must be secure and protected against tampering.

Segmentation of networks is another defence. By separating safety-critical systems like braking and steering from infotainment or mobile applications, companies reduce the risk of an attacker gaining full control through a single entry point.

Security testing must take place at every stage of development. Penetration testing, red teaming, and simulated attacks allow companies to identify weaknesses before criminals exploit them. Following recognised frameworks like NIST Cybersecurity Framework and ISO/SAE 21434 ensures consistency and compliance with best practice.

For businesses building automotive solutions, Cybergen recommends adopting a security by design approach. This means integrating security into every stage of product development, from concept through to deployment and ongoing monitoring.

Preventive measures are not enough on their own. Companies also need strong monitoring and incident response strategies.

Security operations centres (SOCs) focused on automotive systems help detect abnormal activity in real time. This might include unexpected data flows from a telematics unit or repeated failed login attempts on a mobile app. Early detection prevents small intrusions from escalating into larger compromises. For example, in 2022 a European manufacturer used its SOC to identify a large-scale credential stuffing attack targeting its connected vehicle portal. Attackers attempted thousands of logins using stolen credentials. Quick action by the SOC blocked the activity before any customer accounts were compromised.

Incident response plans must be tested and rehearsed. If a vulnerability is exploited, companies need clear procedures to contain the attack, notify regulators, and restore services quickly. Public communication is also important to maintain customer trust. A clear example was Honda’s global incident in 2020 when attackers attempted to disrupt internal systems. The company activated its response plan, shut down some operations, and issued public updates to reassure customers.

Artificial intelligence and machine learning are increasingly used to support monitoring. These technologies analyse large volumes of data from vehicles and backend systems to identify suspicious behaviour. For example, AI may detect unusual command sequences sent to a vehicle, triggering an alert before damage occurs. A leading electric vehicle company now uses anomaly detection models to monitor over-the-air updates. This system has prevented unauthorised code injection attempts by flagging suspicious activity.

Companies that fail to prepare for incidents face extended downtime, financial losses, and regulatory penalties. Those with mature monitoring and response strategies recover faster and protect their reputation.

Technology alone does not solve the problem. Human behaviour plays a central role in cyber security. Automotive companies must foster a strong security culture across all teams.

Employees should receive regular training on secure coding practices, phishing awareness, and incident reporting. Engineers and designers must prioritise security as much as performance or aesthetics. Procurement teams must assess suppliers not only for cost and quality but also for cyber resilience.

Leadership commitment is vital. Executives who make cyber security a board-level issue ensure resources and budgets are allocated properly. When leaders set the tone, employees follow.

Clear accountability also matters. Each department should understand its role in protecting connected vehicles. Shared responsibility avoids gaps that attackers might exploit.

A culture of security encourages proactive action. Teams report issues quickly, challenge unsafe practices, and continuously improve. Without this culture, even the most advanced technologies will fail.

Looking ahead, the complexity of connected vehicles will continue to grow. Autonomous driving technologies, advanced driver assistance systems (ADAS), and integration with smart cities will all expand the attack surface. A single vulnerability could have life-threatening consequences. For instance, in 2022 researchers demonstrated that flaws in lidar sensors used by some ADAS platforms could be manipulated with projected light signals. In a controlled environment, they tricked the system into detecting obstacles that were not there, forcing the vehicle to stop suddenly. If left unchecked, such attacks could be weaponised to disrupt traffic or cause accidents on busy roads.

Quantum computing poses another long-term challenge. Once practical, quantum computers will be able to break many of the cryptographic methods currently protecting vehicles. Automotive companies need to prepare for post-quantum cryptography to ensure future resilience. The shock factor here is clear. Algorithms considered secure today could be obsolete within a decade. This means encrypted vehicle-to-vehicle and vehicle-to-infrastructure communications could be intercepted and decoded, exposing sensitive data about driver locations and fleet operations.

Positive developments are also emerging. Collaboration between manufacturers, governments, and cyber security providers is strengthening. Initiatives such as Auto-ISAC (Information Sharing and Analysis Centre) help companies share intelligence about threats. This collective approach increases the speed of response across the industry. For example, in 2021 Auto-ISAC issued alerts on vulnerabilities found in popular telematics units, enabling members to patch systems before attacks spread.

For drivers, awareness will become as important as for companies. Knowing how to protect personal data, recognising signs of compromise, and keeping software updated will be part of responsible vehicle ownership. A driver who ignores system update notifications might expose their car to known exploits, as happened in several cases where criminals remotely accessed unpatched infotainment systems to unlock doors.

The future will demand constant adaptation. Threats are advancing faster than many companies are adapting today. A single overlooked weakness in a smart vehicle could lead to mass recalls, brand damage, or public safety crises. Automotive companies that invest in security now will be better prepared for what comes next.

Connected vehicles bring benefits but also serious cyber security risks. Attacks on cars are no longer theoretical. They are real, increasing, and impactful. The industry has a responsibility to protect drivers, data, and public safety.

Automotive companies are adopting measures such as encryption, network segmentation, over-the-air updates, monitoring, and incident response. Yet the most important factor is a culture of security where people and processes align with technology.

If you are part of the automotive sector or work with connected systems, now is the time to act. Cybergen provides services that help organisations build strong defences and comply with regulations. Learn more at www.cybergensecurity.co.uk/contact.

The road ahead will only grow more connected. By prioritising cyber security today, you help create safer vehicles and protect the future of transport.

References

Greenberg, A. (2015) Hackers Remotely Kill a Jeep on the Highway—With Me in It. Wired. Available at: https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ (Accessed 15 September 2025).

Statista (2023) Connected car sales worldwide 2020-2030. Available at: https://www.statista.com/statistics/274472/forecast-of-connected-cars-on-the-market-worldwide/ (Accessed 15 September 2025).

Upstream Security (2022) Global Automotive Cybersecurity Report. Available at: https://upstream.auto/reports/global-automotive-cybersecurity-report-2022/ (Accessed 15 September 2025).

When Cyberattack Meets Industry: The JLR Case and What It Means for UK’s Auto Sector

September 15, 2025

When Jaguar Land Rover (JLR) was hit by a cyberattack, the ripple effects were immediate—not only shutting down its own production, but dragging much of its supply chain into uncertainty and putting thousands of jobs at risk. The story has raised important questions about how the UK protects key industries, supports workers, and builds resilience to digital threats. What Happened JLR had to halt production because its vital systems were compromised by the cyberattack. Sky News reports the shutdown has already lasted 12 days. The disruption isn’t confined to its own factories; many smaller suppliers (in JLR’s upstream and downstream networks) are also severely affected. Some suppliers have temporarily laid off around 6,000 staff . Workers at JLR itself (around 34,000 in the UK) remain off-work while the company restores systems. Key unions and the Business & Trade Committee (a group of MPs) are pushing for government intervention, calling for COVID-style financial support to help the supply chain and prevent loss of jobs. Why This Matters Supply Chain Fragility The incident underscores how tightly interwoven modern manufacturing is. Even when only one big firm is attacked, the effect cascades across dozens of smaller suppliers. Cashflow disruption in these smaller firms can lead to layoffs, insolvency, and loss of skills. Digital Risk Is Industrial Risk Cyberattacks aren’t just an IT problem. When companies rely on digital systems for production scheduling, hardware control, robotics, cross-site networks or cloud services, any breakdown can stop physical manufacturing altogether. Workers at the Brink Employees in smaller firms, often with fewer resources and less buffer capital, are particularly vulnerable. With no production and no income, many are under immediate financial stress. Policy & Government Role The calls from MPs for emergency schemes are reminiscent of measures used during COVID-19, meant to protect workers and businesses through unprecedented disruption. Such interventions are costly and complex, but may be essential to preserve industrial capacity in critical sectors. Reputation, Trust & Resilience Disruption of this kind damages not just immediate output, but also long-term trust with suppliers, investors, and customers. How fast a firm recovers—and how transparently it handles the attack—matters. What’s Being Proposed The Business & Trade Committee has asked Chancellor Rachel Reeves what kind of support is being offered to JLR’s suppliers to “mitigate the risk of significant long-term commercial damage.” Trade union Unite has suggested introducing a temporary furlough-style scheme specifically for workers in the supply chain. The idea is to preserve jobs while production is down. What Questions Remain How extensive is the damage to JLR’s systems, and how long will recovery take? The longer downtime goes on, the greater the economic risk. Which suppliers are most exposed, and how many might not survive prolonged cashflow disruption? What legal/regulatory obligations does JLR have to its suppliers versus its employees during such an attack? What kind of support package will the government realistically offer—will it be reactive, or will it structure something that gives industry confidence there’s a safety net? How will this event change how other companies plan for cyber resilience and business continuity? Lessons & Takeaways for Industry Prepare for Worst-Case Downtime : Firms need robust continuity plans. Not just backup of data, but plans for restoring production safely, fallback procurement options, etc. Ensure Adequate Cyber Defences : This includes not only perimeter protection but also rapid detection, segmentation (so problems in one system don’t immediately spread), and patching. Supply Chain Visibility : Know your suppliers well: their vulnerabilities, financial health, and contingency plans. If many small suppliers go under, the big OEMs feel the pain. Insurance & Risk Sharing : Evaluate whether cyber risk insurance can cover parts of the losses; maybe explore contractual risk sharing in the supply chain. Advocacy & Policy Engagement : Businesses need to work with government to design support mechanisms that can be deployed in these kinds of emergencies—both to protect industry and the workforce. What This Means Going Forward The JLR incident is likely to be a wake-up call. It shines a light on how modern industrial strength depends heavily on digital stability and resilient supply chains. For workers and smaller suppliers, the stakes are very high. The government’s response will test how well policy keeps up with the new kinds of risk in a tech-infused manufacturing age. For Jaguar Land Rover and its partners, this could bring into sharper focus investment in cyber resiliency, revisiting insurance, revising contracts with suppliers, and being proactive with contingency planning. Summary Jaguar Land Rover’s cyberattack is more than a headline; it’s a case study in how digital vulnerabilities can threaten real-world operations, jobs, and economic stability. As the UK grapples with how best to support its industrial base, it must weigh up not just the immediate financial aid, but the wider architecture of resilience: legal, technological, and economic.