Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles

VULNERABILITIES & THREATS CYBER RISK Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know. Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles More than a decade since the 2015 Jeep hack, the cybersecurity of vehicles remains of the utmost importance. Bree Fowler,Contributing Writer March 26, 2026 4 Min Read SOURCE: HENRIK5000 VIA ISTOCK PHOTO RSAC 2026 CONFERENCE — San Francisco — Automotive security has made great strides over the past 10 years, ever since a pair of researchers first demonstrated they could remotely take control of a Jeep Cherokee. However, threats to vehicles have also heightened, thanks to the increasingly connected nature of vehicles, Kamel Ghali, vice president of the nonprofit Car Hacking Village, and Julio Padilha, chief information security officer for Volkswagen & Audi South America, said at RSAC Conference this week.  "A totally connected system means threats," Padilha said. "It's a dangerous situation. You have to be aware. You have to fix this to have a properly secured vehicle." Recalling the Infamous Jeep Hack During the presentation, Ghali alluded to, but didn't specifically name, the 2015 hack of a Jeep Cherokee by researchers Charlie Miller and Chris Valasek. The pair remotely took control of the Jeep's infotainment system and connected to the vehicle's communications system, ultimately gaining control over everything, from the air conditioning controls to its steering and transmission. The news prompted Chrysler, Jeep's parent company at the time, to recall 1.4 million vehicles.  Related:Beauty in Destruction: Exploring Malware's Impact Through Art It was also a wake-up call for the auto industry as a whole.  "They're computers on wheels now," Padilha said. Modern cars are also potential weapons. If control of one is taken away from its driver, it could have deadly consequences. Loading... Those worries have only grown as vehicles have become more sophisticated and connected, to the point that some are now driving themselves, Ghali said. He pointed to the driverless Waymo robotaxis cruising the streets just outside the conference in San Francisco and other cities. "We've given cars, the computers inside these cars, the ability to make decisions on where to go, how fast to go, where to turn, where to brake," he said. "And that is really convenient, but it also comes with, again, a great responsibility." At the same time, vehicles and their components are becoming increasingly complex, Ghali said. He noted that each vehicle make involves a massive network of suppliers, each writing its own code. In total, you're looking at several million lines of code for every car and truck on the road, he says.  Adding to that technical complexity, vehicles are wirelessly connecting with apps and data is being collected for analytics and other purposes. But despite that, much of this technology has historically been implemented by people who don't specialize in cybersecurity, Ghali said. Automotive engineering and cybersecurity are both highly technical fields, and it's rare to find people who are experts in both, he said. Related:Pwn2Own Underscores Secure Development Concerns Taking Steps to Security In recent years, governments around the world have become increasingly concerned about vehicle security and have taken steps to regulate it. Ghali pointed to the 2021 adoption of UN Regulation No. 155, which was adopted by 63 countries, including the entire European Union, the UK, Japan, and South Korea. It requires manufacturers to demonstrate that their vehicles have undergone cybersecurity assessments and that they can develop and maintain secure vehicles for the 10 to 15 years they're expected to be on the road. Meanwhile, security researchers continue to do what they do best. While the industry will likely never forget the Jeep hack of 2015, researchers continue to publish high-quality research on vehicle vulnerabilities, Ghali said. He pointed to his own organization, which presents at several security conferences each year and puts on the popular Car Hacking Village at DEF CON in Las Vegas each August.  Automotive cybersecurity will need to continue evolving as threats do, Ghali said. AI is already reshaping the threat landscape, and post-quantum encryption protections will soon be a must. Related:Critical Flaw in Langflow AI Platform Under Attack Padilha, of Volkswagen & Audi, says he sees autonomous vehicles as the future of the auto industry. It is investing a lot to ensure that those vehicles, along with the systems that control them, are safe, he said. "We are in good shape right now to protect vehicles, but it's important to see what we can do better," Padilla said. "And it's important to keep in mind that it's not easy work. It's not an easy job to protect vehicles. It's a challenge, and we have to face it." About the Author Bree Fowler Contributing Writer Bree Fowler writes about cybersecurity and digital privacy. Previously, she was a senior writer for CNET. Prior to joining CNET, she reported for The Associated Press and Consumer Reports. A Michigan native, she's a long-suffering Detroit sports fan, world traveler, three-star world marathoner, and champion baker of over-the-top birthday cakes and all things sourdough. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report Cybersecurity Forecast 2026 The ROI of AI in Security ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like VULNERABILITIES & THREATS Cheap Hardware Module Bypasses AMD, Intel Memory Encryption by Rob Wright NOV 25, 2025 VULNERABILITIES & THREATS Patch Now: Microsoft Flags Zero-Day & Critical Zero-Click Bugs by Jai Vijayan, Contributing Writer NOV 11, 2025 VULNERABILITIES & THREATS AI Agents Fail in Novel Ways, Put Businesses at Risk by Robert Lemos, Contributing Writer MAY 07, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Edge Picks APPLICATION SECURITY AI Agents in Browsers Light on Cybersecurity, Bypass Controls CYBER RISK Browser Extensions Pose Heightened, but Manageable, Security Risks CYBERSECURITY OPERATIONS Video Convos: Agentic AI, Apple, EV Chargers; Cybersecurity Peril Abounds ENDPOINT SECURITY Extension Poisoning Campaign Highlights Gaps in Browser Security Latest Articles in The Edge CYBERSECURITY OPERATIONS How Organizations Can Use Blunders to Level Up Their Security Programs MAR 26, 2026 CYBER RISK Why a 'Near-Miss' Database Is Key to Improving Information Sharing MAR 25, 2026 СLOUD SECURITY CSA Launches CSAI Foundation for AI Security MAR 24, 2026 ENDPOINT SECURITY Ransomware's New Era: Moving at AI Speed MAR 23, 2026 Read More The Edge Want more Dark Reading stories in your Google search results?