11:03 23-11-2025

The growing car cybersecurity threat and data privacy risks

Modern cars run on code, making them prime targets. Learn how hackers exploit ECUs and why automakers must prioritize cybersecurity and data privacy.

Modern cars have effectively become computers on wheels: always online, updated over the air, and running tens of millions of lines of code. Along with that convenience came a new threat—cyberattacks. Security researcher Eaton Zveare argues that carmakers are already facing incidents they don’t even see, describing the situation as a ticking time bomb and noting that the industry is underinvesting in protection.

The risk is plain: once a vehicle is compromised, an intruder could influence steering or braking, or tap into large troves of personal data. At the DEF CON conference, experts spoke openly about how easy it has become to slip into automotive systems. It’s no surprise the attack surface keeps expanding: around 30 electronic control units in 2000, and in today’s premium models as many as 150. Those figures speak for themselves.

The industry is trying to respond. Consortia such as GlobalPlatform, bringing together carmakers, tech firms, and public agencies, are developing a unified security architecture for future autonomous models and methods to counter intrusions. Yet the practices of many brands can undercut safety goals—for example, collecting personal data and sharing it with third parties. The episode involving GM and OnStar showed how easily information can reach insurers without an owner’s knowledge. Trust erodes quickly when data flows beyond the cabin.

Until cybersecurity becomes a priority, the risk—for the auto industry and for drivers—will only grow.