Vehicle cybersecurity: Protection from digital carjacking

• Author:
• Author name

  Quantumrun Foresight
• December 15, 2021

Insight summary

As vehicles become more integrated into the digital ecosystem, they gain enhanced capabilities but also face increased cybersecurity threats. The rise in vehicle connectivity has led to a demand for more efficient and secure online connections, prompting the development of new solutions and services in the automotive industry. However, this evolution also brings challenges, including potential vulnerabilities to cyber attacks, the need for ongoing cybersecurity maintenance, and implications for job markets and consumer costs.

Vehicle cybersecurity context

In our increasingly interconnected world, vehicles are no longer standalone entities, but rather, integral components of a vast digital ecosystem. This ecosystem, known as the Internet of Things (IoT), allows vehicles to connect to various systems and devices through Wireless Local Area Networks (WLAN), which include Wi-Fi and Bluetooth. Once connected, these vehicles gain the ability to transmit and receive data, download system updates, and offer users access to a range of smart features through dedicated mobile applications. This connectivity is particularly prevalent in electric vehicles (EVs), which are projected to represent 58 percent of global vehicle sales by 2040.

This rise in vehicle connectivity has led to an increased demand for software and interface providers who can make these online connections not only more efficient but also more secure. The reason for this is simple: as vehicles become more connected, they also become more vulnerable to cyber threats. Cybersecurity is rapidly becoming a critical aspect of smart car manufacturing. Cybercriminals, always quick to adapt to new technologies, are learning to exploit various entry points, such as applications and wireless connections, making the task of securing these vehicles all the more challenging.

However, this challenge also presents an opportunity. As the demand for secure vehicle connectivity grows, so too does the potential for businesses and industries to develop new solutions and services. This trend could lead to the creation of new jobs and the growth of new sectors within the automotive industry. At the same time, it also underscores the importance of cybersecurity education and awareness, not just for industry professionals, but for everyday users as well. 

Disruptive impact

The increasing connectivity of vehicles brings with it a host of potential vulnerabilities that could be exploited by malicious actors. For instance, hackers could potentially gain control of a manufacturer's servers, pilfering customer data or intercepting communications during on-board diagnostics. This situation underscores the importance of robust cybersecurity measures, not only in the vehicles themselves but also in the broader infrastructure that supports them. In response to these risks, regulators worldwide have begun to recognize the need for standardized, mandatory cybersecurity measures for all vehicles, whether they are internal combustion engine (ICE), electric, or automated.

In 2020, the United Nations Economic Commission for Europe (UNECE) updated its WP.29 regulations, which outline the requirements necessary to ensure uniformity and priority in automotive cybersecurity. Beginning in July 2024, all new vehicles manufactured in the European Union (EU) will be required to meet these cybersecurity standards. Similarly, Japan and South Korea have also agreed to comply with these new regulations. 

The International Organization for Standardization (ISO) has also released a new standard in August 2021, which mandates cybersecurity throughout a vehicle's lifespan. This development recognizes that cybersecurity is not a one-time requirement, but rather an ongoing process that needs to be maintained and updated throughout the life of the vehicle. This standard could have far-reaching implications for manufacturers, who will need to invest in long-term cybersecurity measures, and for consumers, who will need to be educated about the importance of maintaining the cybersecurity of their vehicles. It also highlights the role of governments in enforcing these standards and ensuring that manufacturers comply with them.

Implications of vehicle cybersecurity

Wider implications of vehicle cybersecurity may include:

• Multifactor authentication for owners of electric/smart vehicles to ensure that hackers are not using any stolen information such as passwords.


• Future vehicles employing biometric security features like fingerprint or retina scanners to start the vehicles.


• Better override systems where drivers can take full control of the car when necessary, should the vehicle become compromised digitally.


• Ancillary industries such as chip and Bluetooth manufacturers keeping up with cybersecurity developments to remain compatible with newer vehicle models.


• A new wave of employment opportunities for cybersecurity specialists and software developers. However, there may be decreased demand for traditional automotive jobs, such as mechanics, leading to job displacement in certain sectors of the automotive industry.


• Advancements in encryption and secure communication protocols, leading to safer digital environments beyond the automotive industry.


• The development of educational programs and awareness campaigns, fostering a more informed and security-conscious society.


• Increased insurance premiums impacting the affordability of owning a connected vehicle for many consumers.


• Higher costs of vehicle ownership widening the gap between those who can and cannot afford such vehicles.

Questions to consider

• How else do you think connected or electric vehicles could have better cybersecurity?


• What other security features do you think connected vehicles might incorporate in the future?