Modern vehicles vulnerable to cyber attacks, warn experts

Srinagar, Feb 16: Cybersecurity experts have raised concerns over the increasing digitization of modern vehicles, warning that greater connectivity makes them more vulnerable to cyberattacks.

While the integration of Artificial Intelligence,  GPS tracking systems and autonomous driving techniques have improved the driving experience, it has made modern vehicles vulnerable to cyber attacks.

Muneeb Amin Bhat, a cyber security researcher told Greater Kashmir that hackers are now exploiting vulnerabilities in keyless entry systems, vehicle communication networks, and on-board software to steal, track and even remotely control cars.

Muneeb recently discovered a vulnerability on the website of Kraken, a US-based cryptocurrency exchange. Before it,  he pointed out vulnerabilities in NASA,  Apple, Oracle, USAA bank systems and many other websites of global repute.

“Recent cyber attacks have brought the spotlight on how automakers and consumers could enhance automotive cybersecurity”, Muneeb said.

He said that modern vehicles utilize keyless entry systems that operate through radio signals for added convenience.

“However, hackers can hack these systems by using relay amplifiers to extend the key fob’s signal, deceiving the car into unlocking and starting it without the owner’s awareness,” said Muneeb.

Car thefts involving cyber attacks are taking place across the globe. In January 2025, London recorded at least 800 car thefts through key relay attacks. All these cars were keyless, using the modern security systems.

According to Muneeb, modern cars are also stolen through GPS spoofing and monitoring manipulations.

“Hackers use GPS spoofing to send false data to a vehicle’s tracking system, making it appear as if the car is in a different location. This tactic is commonly used to mislead fleet tracking systems,” said Muneeb.

Citing an example, the cyber security researcher said that in December 2024, Iranian hackers manipulated GPS signals to hijack an oil tanker by making it appear as if it was in international waters, evading security measures.

“The Controller Area Network ( CAN) is responsible for controlling critical vehicle functions like breaking and acceleration. Hackers can inject malicious CAN messages to take over essential systems,” said Muneeb.

Muneeb said that there were many other ways by which the hackers could compromise the security of vehicles.

He, however, said certain precautionary measures could protect the vehicles from cyber-attacks.

“Installing multiple GPS systems in hidden locations within the car and securing keyless entry system by using a Faraday pouch or box to store your key fob when not in use”, Muneeb said.

He said that turning off passive keyless entry if a car allows it could also protect it from hackers.

But of course, the easiest option is to forget about ‘modern’ cars and go back to systems that work and are safe - a vehicle that needs Caterpillar diesel parts, for example, is always going to be reliable.