aBr Automotive Business Review Nov/Dec 2025 | Page 18

INDUSTRY INSIGHT

GONE IN 60 SECONDS NO MORE: Thwarting cyber threats with Secure-by-Design automobile solutions

By Sergey Melnikov and Semyon Kort,
Kaspersky
One of the most widely discussed cyberattacks on a vehicle occurred in 2014 when a Jeep Cherokee was remotely compromised by researchers who sent it into a ditch via its radio interface. By exploiting a vulnerability in the infotainment system, the researchers gained control over critical functions like brakes, steering and the engine through a cellular connection. This was the first ever practically demonstrated attack on a vehicle, which kicked off serious research in this area.
Another notable case involved the hijacking of a Tesla Model S through vulnerabilities in its mobile app. Attackers exploited weak authentication to access remote control functions, such as unlocking doors and starting the engine. Additional vulnerabilities have been exposed over time, including those in Tesla charging stations, which allowed manipulation of charging processes, and breaches of dealer and repair shop databases, leading to customer data leaks. A particularly unusual case involved a McDonald’s app installed in a vehicle, which, due to its vulnerabilities, could serve as an entry point for attacks on the infotainment system. These incidents highlighted the need for a holistic cybersecurity approach, protecting not only the vehicle but also its supporting infrastructure and third-party applications.
In a more recent case that happened in May 2025, a team of European white hat hackers demonstrated a significant vulnerability in a 2020 Nissan LEAF, allowing them to remotely control functions like steering, horn and wipers, while also recording passengers' conversations via the car's infotainment system. Using parts sourced from eBay and a junkyard, they exploited weaknesses in the LEAF’s Bluetooth protocol and DNS C2 channel, as detailed in a presentation at Black Hat Asia 2025. All identified vulnerabilities were responsibly disclosed to Nissan and its suppliers between August 2023 and September 2024.
Over the years vehicles have become even more software-defined and connected which has expanded the attack surface. Driving a car is associated with high risk for everybody on the road: drivers, passengers and pedestrians. The need to ensure cybersecurity affects other stakeholders as well, such as vehicle fleet operators, carsharing and taxi service providers, and dealership networks.
These risks stem from flaws in production processes: when designing a vehicle, cybersecurity is often overlooked, leading to rushed efforts to address vulnerabilities in purchased components and flawed architectures afterwards. Fixing these issues during integration or acceptance testing is far more costly than designing and coding securely from the start.
There is a need to manage these risks from the vehicle design phase through vehicle production and usage.
RISKS FOR THE VEHICLE
Modern vehicles, with their complex architectures integrating hundreds of electronic components and diverse communication interfaces (CAN, LIN, Ethernet, Wi-Fi, Bluetooth, LTE), present a vast cyberattack surface, vulnerable to both physical and remote exploits targeting diagnostic ports, wiring or software vulnerabilities. Attacks can lead to data theft or manipulation (e.g., personal or payment information), malicious code installation, disruption of vehicle functions (engine control, advanced driver assistance systems, infotainment), vehicle theft, physical damage or harm to drivers, passengers and pedestrians. Indirect attacks exploiting vulnerabilities in supporting infrastructure (e.g., charging stations) or communication protocols can further compromise vehicle security or enable adversaries to target external services, highlighting the need for comprehensive cybersecurity measures across the vehicle ecosystem.
RISKS FOR THE SUPPORTING INFRASTRUCTURE
The supporting infrastructure for vehicle services, typically cloud-based systems like telematics, data and update servers, is vulnerable to cyberattacks that can disrupt operations and compromise security.