Blogs -Top 5 Security Risks for Connected Cars

Top 5 Security Risks for Connected Cars


June 13, 2018

author

Beth Kindig

Lead Tech Analyst

The global market for connected cars will grow by 270% by 2022 with 125 million passenger cars expected to ship worldwide between 2018 and 2022.1 By 2020, it’s estimated that UK, France and Germany will reach 100% connected car penetration. Growth in the European region is due to the eCall mandate which requires new cars to automatically dial the 112 emergency number in the event of a serious accident.2 While North America and Europe lead in the highest percentage of shipments, China accounts for 32% of shipments.

The list of connected features enjoyed by consumers that add more opportunities for security attacks include streaming radio, Wi-Fi access points and remote-control mobile phone applications. However, with these conveniences comes responsibility. The recent death of a woman in Arizona who was struck by an Uber in autonomous mode has put a spotlight on what can go wrong in connected vehicles as manufacturers seek to introduce more high-tech features to remain competitive to car buyers. Not surprisingly, 68% of Americans are fearful of cars with self-driving features.3

The increasing number of smart features built into cars opens door to a serious threat – hacker attacks. Because connected cars are linked with the Internet and its crucial parts are interconnected over a network, adversaries have the potential to remotely access and manipulate the data being exchanged leading to a number of problems, such as leaked personal information, overcoming vehicle’s security mechanisms, or even full remote control of the car.

Threats to the Connected Car

Innovative automakers, software developers, and tech companies are transforming the automotive industry. Drivers today enjoy enhanced entertainment, information options and connection with the outside world. As automobiles move towards more autonomous capabilities, the stakes will raise in regards to security. Even if cars are not entirely driverless, the functions will become increasingly dependent on applications, connectivity, and sensors. Vehicle-to-vehicle (V2V) and Vehicle-to-Infrastructure (V2I) allow the car to communicate with other cars and infrastructure such as traffic lights. Vehicle speed adjustments, telematics, and AI voice recognition and interfaces will become common features.

The rapid increase of these technologies inevitably creates the risk of hackers gaining access and control to the essential functions and features of those cars and utilizing information on drivers’ habits for commercial purposes without the drivers’ knowledge or consent.

Here are some of the risks for connected cars:

  • Stealing personally identifiable information(PII): Today, sensors generate 25 GB of data per hour and this is expected to double considering there will be 200 sensors installed in connected cars by 2020 up from 100 sensors in 2015. Once autonomous vehicles become mainstream, the 17,600 minutes Americans spend driving annually will equate to 300 TB of data per year.4 Financial information, personal trip information, location information and entertainment preferences are just some examples of PII that can potentially be stolen through a vehicle’s system.

  • Connection security: Like other connected devices, vendor implementation flaws are often exploited by researchers for proof-of-concept attacks. However, it is inevitable that these will be followed by real life attacks. The current poor state of security on connected cars creates a tempting target for cyber criminals.

 

  • Manipulating a vehicle’s operation: Catastrophic incidents resulting in personal injury and lawsuits may be in the near future. Well-known cybersecurity researchers Charlie Miller and Chris Valasek have demonstrated several proof-of-concept attacks where they were able to control the braking and steering of a car by accessing the adaptive cruise control system.5 Although costly and with a lower likelihood than data breaches and unauthorized entry, this sort of attack has now been proven possible to a global audience.

 

  • Unauthorized vehicle entry: Car thieves now have a new way to gain entry into locked vehicles. Many vehicle technologies have opted to replace physical ignition systems with keyless systems using mobile applications or wireless key fobs. These new access mechanisms mean that methods of obtaining illicit entry include intercepting the wireless communication between the vehicle and the mobile application or between the wireless fob and the vehicle to gain entry credentials, among other methods. The New York Times has documented methods such as wireless key emulation devices and “power amplifiers” that increase the range of the wireless signal looking for the entry credentials. If the owner is in a house or other location close to the car, criminals can then gain entry when their wireless fob responds.6

 

  • Mobile application security: As more automobile manufacturers release mobile applications that communicate with cars, mobile applications are quickly becoming a major target for malicious behavior. One example of a flaw in a mobile application happened when Nissan had to pull its NissanConnect EV application for the Nissan Leaf.7 The poor security of the application allowed security researchers to connect to the Leaf via the Internet and remotely turn on the car’s heated seating, heated steering wheel, fans and air conditioning. In an electric car, this meant the possibility a malicious actor could drain the battery of an unsuspecting owner. Mobile applications themselves can be vulnerable in a number of ways. According to Gartner, 75% of mobile applications would fail basic security tests.8 Mobile operating systems themselves are a source of concern—over the last four years, there has been a 188% increase in the number of Android vulnerabilities and a 262% increase in the number of iOS vulnerabilities.9
head bg

More To Explore

Newsletter

Oracle logo glowing above a digital platform with circuit patterns, symbolizing technology and AI growth.

Oracle Soars After Earnings – Is ORCL Stock Still a Buy?

The market is clearly excited about this report, and for good reason. Remaining performance obligations (RPO) grew 359% YoY with cloud RPO growing “nearly 500%” on top of 83% growth last year. Another

September 11, 2025
a futuristic crystal ball displaying Nvidia with digital circuit patterns and stock market graphics.

Nvidia Stock Forecast: The Path to $6 Trillion

Two years ago, the April 2023 quarter delivered a historic 18% beat, followed by an even bigger 30% beat in July 2023. Compare that to the most recent quarter ending July 2025 — just a 4% beat, the sm

September 05, 2025
A close-up, low-angle shot of a physical Bitcoin coin surrounded by a glowing, intricate circuit board.

Bitcoin Bull Market Guide: When to Hold, Trim, or Re-Enter (Webinar) 

Our track record including a more recent 600% move in Bitcoin is not the product of hype but of a systematic framework—one built on technical analysis, on-chain metrics, and a close watch on global li

August 28, 2025
A smartphone with the Reddit app open, from which a rising stock chart graph is emerging.

Reddit Stock Blows the Doors Off - Can it Last?

Reddit’s stock has surged 62% in one month, easily placing the company’s earnings report as one of the best to come out of the tech sector this quarter. The world’s leading forum site has only 416 mil

August 20, 2025
Orange toolbox labeled 'ServiceNow' with digital interface displaying AI and data analytics dashboard, surrounded by various tools.

ServiceNow Q2 Earnings: Inside the AI Push Toward $1 Billion ACV by 2026

Last month, after ServiceNow reported second quarter results that exceeded expectations on multiple fronts, shares of NOW rose by 6%. The company is attempting to reposition itself beyond a provider o

August 14, 2025
Silhouette of a bull in front of a glowing Bitcoin coin, symbolizing a cryptocurrency bull run with potential market risks.

Is Bitcoin’s Bull Run Nearing a Top? What the Herd Missed at $16,000 and is Missing Now 

In late 2022, when Bitcoin was trading near $16,000, the I/O Fund issued a Strong Buy Alert. At the time, many of the market’s biggest crypto bulls were silent. Fast forward to today, Bitcoin is up ov

August 08, 2025
S&P 500 market forecast showing potential correction signs and key buy levels for 2025, based on technical analysis and investor sentiment trends.

Is the S&P 500 Overdue for a Correction? 2025 Forecast & Buy Levels to Watch

In our last Broad Market Report titled, Historic Uncertainty Meets $7 Trillion Dollar Debt Wall: What Comes Next For The S&P 500, the S&P 500 was trading near 5800 and still well below its February hi

August 01, 2025
A puzzle visually depicting different tech platforms and investments influencing search market share

Google Stock Clears Major Hurdle, Yet One Serious Concern Remains

This week, Google cleared a major hurdle with Search accelerating from 10 points of growth last quarter to 12 points this quarter -- putting to rest many doubts that Search monetization is at risk giv

July 27, 2025
Oracle stock forecast exploring potential to reach $1 trillion valuation as AI demand grows

Can Oracle Become the Next $1 Trillion AI Stock?

When it comes to AI cloud leaders, Oracle is not often mentioned, yet the company is quickly positioning itself to lead among Microsoft, Amazon and Alphabet when it comes to cloud growth over the next

July 18, 2025
Robinhood crypto trading volume vs. transaction revenue Q2 2025

Robinhood Stock: Spot Crypto Volumes May Lead to Incoming Volatility

Robinhood’s fundamental transformation over the past two years has been nothing short of remarkable. Crypto is driving strong revenue growth at 50% YoY in Q1, while TTM operating margin is approaching

July 11, 2025
newsletter

Sign up for Analysis on
the Best Tech Stocks

https://bethtechnology.cdn.prismic.io/bethtechnology/e0a8f1ff-95b9-432c-a819-369b491ce051_Logo_Final_Transparent_IOFUND.svg
The I/O Fund specializes in tech growth stocks and offers in-depth research for Premium Members. Investors get access to a transparent portfolio, a forum, webinars, and real-time trade notifications. Sign up for Premium.

We are on social networks


Copyright © 2010 - 2025