How to protect your car from hacking | Kaspersky official blog
Modern connected vehicles face a range of cybersecurity threats that can impact driver safety, privacy, and vehicle control. Attackers can exploit vulnerabilities in vehicle networks, telematics, and manufacturer servers to disable critical functions, track vehicles remotely, steal cars, or access personal and payment data. Legacy vehicles with outdated digital systems are at highest risk, while modern cars incorporate improved security architectures but remain vulnerable to emerging exploits. Regulatory frameworks like UN R155/R156 and ISO/SAE 21434 have driven improvements in automotive cybersecurity, but older models are being discontinued due to non-compliance. European organizations operating vehicle fleets face elevated risks from such attacks, including operational disruption and data breaches. Mitigation requires a combination of manufacturer security measures, regular software updates, strong authentication, and user vigilance in managing connected features and accounts. Countries with significant automotive manufacturing and fleet operations, such as Germany, France, Italy, and the UK, are most likely to be affected. The threat severity is assessed as high due to potential safety impacts, ease of exploitation on legacy vehicles, and broad scope of affected systems.
AI Analysis
Technical Summary
The threat concerns cybersecurity vulnerabilities in modern connected vehicles, which increasingly rely on digital electronics and networked components to control everything from engine management to infotainment and driver assistance. Attack surfaces include vehicle internal networks (MOST, LIN, CAN buses), diagnostic ports (OBD), and wireless interfaces such as Wi-Fi, Bluetooth, LTE, NFC, and GPS. Attackers can exploit these vectors to remotely hijack vehicle functions, causing physical safety hazards (e.g., disabling brakes, triggering distractions), steal telematics data for targeted attacks or tracking, and even steal vehicles by mimicking key signals via CAN injectors. Payment data stored for subscription services also presents a risk.
The threat landscape is stratified by vehicle type: obsolete vehicles with minimal digital interfaces pose little risk; legacy vehicles with outdated digital systems and poor network segmentation are highly vulnerable; modern vehicles implement segmented network architectures and gateways to isolate critical systems, but vulnerabilities continue to be discovered. Attacks on manufacturers’ backend servers can expose millions of vehicles simultaneously, as seen in the 2024 Toyota data breach.
Regulatory efforts such as UN R155 and R156 and ISO/SAE 21434 have pushed automakers to improve cybersecurity practices, including penetration testing and software update mechanisms. However, older models are being discontinued due to inability to meet these standards.
Practical advice includes verifying a vehicle’s cybersecurity features before purchase, maintaining strong authentication on vehicle apps, disabling unused features, regularly updating firmware, and monitoring telemetry data collection. Signs of compromise include unexpected vehicle behavior, rapid battery drain, and app anomalies. Organizations operating fleets face heightened risks due to scale and operational impact. The threat is evolving with the automotive industry’s increasing digitization and connectivity.
Potential Impact
For European organizations, especially those managing vehicle fleets such as taxis, car-sharing services, logistics, and construction companies, the impact of this threat can be significant. Cyberattacks could lead to physical safety risks for drivers and passengers, operational disruptions from vehicle immobilization or erratic behavior, and financial losses due to theft or fraud. Data breaches involving customer or driver information can result in regulatory penalties under GDPR and reputational damage. The exposure of telematics data can facilitate targeted attacks or surveillance, undermining privacy and security. Attacks on manufacturers’ backend systems could cascade to millions of vehicles, amplifying the impact. Legacy vehicles prevalent in some fleets may be particularly vulnerable due to lack of ongoing security updates. The increasing integration of subscription-based vehicle features also introduces new attack surfaces that could lead to financial fraud. Overall, the threat challenges the resilience of transportation infrastructure and requires coordinated cybersecurity efforts across manufacturers, fleet operators, and regulators in Europe.
Mitigation Recommendations
European organizations should adopt a multi-layered approach to mitigate automotive cybersecurity risks:
- Prioritize procurement of modern vehicles compliant with UN R155/R156 and ISO/SAE 21434 standards, ensuring they feature segmented network architectures and central security gateways.
- Conduct thorough cybersecurity assessments of fleet vehicles, focusing on legacy models, and consider phased retirement or retrofit with security-enhancing modules where feasible.
- Implement strict access controls and strong, unique authentication for vehicle management apps, including two-factor authentication or passkeys.
- Disable unused telematics and connectivity features to reduce attack surfaces.
- Update vehicle firmware and software promptly upon release, enabling automatic update notifications where possible.
- Monitor telemetry data collection and restrict sharing of sensitive information.
- Enforce policies to manage paired devices, disable automatic Wi-Fi connections, and review Bluetooth pairings regularly.
- Train drivers and fleet managers to recognize signs of compromise and establish incident response procedures including disconnecting vehicles from networks and contacting manufacturers or authorities.
- Collaborate with manufacturers to ensure timely security patches and transparency on vulnerabilities.
- For organizations, integrate vehicle cybersecurity into broader IT and OT security frameworks, including network segmentation and monitoring of backend systems.
- Engage with industry groups and regulators to stay informed on evolving threats and compliance requirements.
Affected Countries
Germany, France, Italy, United Kingdom, Spain, Netherlands, Belgium, Sweden, Poland
Technical Details
- Article Source
- {"url":"https://www.kaspersky.com/blog/automotive-security-2025/54562/","fetched":true,"fetchedAt":"2025-10-09T13:38:18.490Z","wordCount":2053}
Threat ID: 68e7bacaba0e608b4f9be812
Added to database: 10/9/2025, 1:38:18 PM
Last enriched: 10/9/2025, 1:38:37 PM
Last updated: 10/9/2025, 3:09:38 PM