Posted on 06/20/2025 11:27:52 AM PDT by Red Badger
Why Car Cybersecurity Can’t Be Ignored
Imagine treating a ticking time bomb as background noise. That’s how many in the automotive industry have approached ransomware. Ransomware now accounts for 45% of all automotive cyber incidents so far in 2025, making it the leading threat to the sector. The scale of these attacks is also increasing: large-scale incidents affecting millions of vehicles more than tripled in 2024, and nearly 60% of all reported cyber events in 2023–2024 were large-scale in nature
There is strong evidence that the number of publicly disclosed automotive ransomware attacks is only a fraction of the true total. Many incidents are never disclosed. 148 publicly disclosed automotive cyber incidents were tracked in just the first quarter of 2025, but cybersecurity experts warn it is just getting started: “The pieces are in place for a transition from today’s manual, car-modding hacks to more harmful and larger-scale attacks,” and that criminal activity on the dark web points to a much broader, largely hidden threat landscape.
In a world where drivers expect more than just horsepower, digital security has become as essential as the engine itself.
The New Threat in the Driver’s Seat
Today’s cars are marvels of connectivity, but this convenience comes with risk. Picture a journalist at a dealership, eyeing rows of sleek sedans. Each keypad and dashboard screen seems harmless—until malware hidden in the firmware threatens to lock down the entire vehicle. That 45% breach statistic isn’t just a number; it’s a warning. What if, the next time you start your car, you’re met with a ransom note instead of the familiar engine hum?
When Code Becomes a Weapon
Ransomware attacks on car manufacturers often start with a weak link—stolen credentials from suppliers or compromised service portals. Once inside, attackers can encrypt vital systems: infotainment, navigation, even the ignition. An encrypted Electronic Control Unit (ECU) can make starting your car impossible until a ransom is paid. Unlike the data breaches of the past, these attacks don’t just steal information—they can bring your car to a standstill.
Vulnerabilities in the Supply Chain
The automotive supply chain is vast and complex, providing more opportunities for cybercriminals. A single phishing email to a small supplier can lead to malicious code being embedded in a firmware update, which then spreads to thousands of vehicles. Compromised update servers can deliver ransomware-laden patches, infecting entire fleets in minutes. Ironically, even the most security-conscious manufacturers can inherit vulnerabilities from distant partners.
Everyday Routines, Unusual Risks
Consider your morning routine: coffee in hand, you tap “Start” on your car’s smartphone app—only to find your vehicle locked by ransomware. The cost of negotiating with hackers may exceed typical repair bills, and insurers are still figuring out how to handle these new risks. Meanwhile, online forums buzz with debates over which software updates fix vulnerabilities and which might accidentally introduce new ones. Delayed security patches can leave vehicles exposed for weeks, making every drive a potential gamble.
Trust on the Open Road
Modern vehicles offer dazzling features and seamless connectivity, but these advances come with serious questions. When convenience can so easily turn into coercion, will drivers still trust their cars? On the open highway, does the engine’s roar reassure you—or remind you of the silent code that could one day hold you hostage?
You’re not powerless against this wave of automotive ransomware—there are concrete steps you can take right now to protect yourself and your EV:
Start by disabling remote access features when you don’t need them.
Always use strong, unique passwords for your car’s apps and accounts.
Keep your vehicle’s software and apps updated; patches often fix vulnerabilities before hackers can exploit them.
Be cautious with Bluetooth, Wi-Fi, and public charging stations.
Secure your key fob in a signal-blocking pouch.
Avoid connecting to unfamiliar networks.
If you add aftermarket gadgets, choose only trusted brands and check their security track record.
Stay alert for official security updates from your automaker and report any unusual vehicle behavior immediately.
A little digital vigilance goes a long way—taking these steps can help keep your car, your data, and your daily routine safe from cybercriminals.
Thank you for understanding my lengthy response-I am only a few weeks out, and it hasn’t sunk in yet. If I live long enough to last 22 years after I retire, I will be 90! (My parents both passed in their early-mid Seventies, so that would be icing on the cake for me-I think! Or, I hope!)
Funny. For a long time, I could never imagine myself living past the age of 30. It was just black future, nothing I could even imagine. Then, when I entered my Thirties, I could visualize myself as an old, grey guy.
I am sometimes astonished I had the job I did, because I was NEVER an agent of change. But I had to do it, and I had to provide the leadership to do it, so...I had to do it, even though I hated change.
Now? For the last several years, I have been becoming anti-technology. Well. That has all passed me by now, I can be whatever I want...:)
Nice talking to you, FRiend!
I agree with you...to a degree. Read my post at #39-you simply cannot have paper-based downtimes. We even went to the point of trying to develop “downtime kits” to be used if the entire network went down, as happened to that unfortunate hospital I mentioned.
We had tackle boxes with inexpensive routers and big coils of network cable so we could send images from a CT scanner to some offline storage thing that could be seen by a workstation where images could be displayed in the event we had a downtime like that, but to no avail. It was unworkable.
A good analogy is the Apollo mission to the moon. How much money were they willing to spend to have more than one or even two backup systems to cover certain types of failure. There were both weight and cost considerations, and when Apollo 13 happened, it turned out they needed one additional backup system they could not have designed in, and famously, had to improvise to survive.
Hospitals generally do not have the financial overhead to be able to create a backup “downtime network”. They do things like trying to design failover systems and such, but every single one is problematic to press into service in the event of a large failure.
We generally had a downtime process for each system, such as how to dictate reports when the speech recognition system is down, another one for when the order system was down, and so on. And those can work at nights when system load is low.
But once you have more than one failure, the complexity of multiple system downtimes rapidly metastasizes in complexity and nearly immediately becomes unworkable due to the interconnectivity intricacy.
But, we tried, using always-on SQL databases, load balancers, primary and secondary failover systems, but as of my retirement we could not make them work effectively.
But I know exactly what you mean. As of this writing, I am on the verge of becoming a Luddite. And I despise this trend of filling cars and washing machines with computers.
Bah. Who needs all that crap?
Just wait until the government and insurance companies tap into monitoring and control of your car using AI.
All of your posts in this thread are interesting and informative, as is usual for you. These predicaments are the type which lead to civilization collapse. Take away a teenager's cell phone and he will die. A wide-spread system collapse would cause serious damage. Such should not be the case.
Way back in 1970 I was a founding member of a company intent upon automating hospital information flow. Back in those days that was a new idea. We leased and IBM System 3 and got busy. The raw data was still collected on paper and that was submitted to keypunch, and then batch processed on the computer. The system worked well. We managed four hospitals by the time I got bored with that and headed out to work with Skylab.
I kept up with those blokes all along. They eventually put CRT terminals all over hospitals and setup interactive systems. These were connected over an RS422 star network using PDP-8s as concentrators. A paper-based backup was maintained and personnel were trained to use it. Many butts were saved from time to time. Of course, that system eventually gave way to Ethernet-based connectivity and PCs. That is when the feces hit the forced air blower.
Anyone who thinks hospital data flow is simple hasn't tried it. ;-D
I just don't see why a hospital MUST connect its network to the Internet. It would certainly possible to have Internet connectivity available without it being connected to a workflow system.
I see you picked up what I was putting down! I went to a conference once, and some doctor up on the stage was saying we need to make medical systems (and their communication protocols) so bulletproof and standardized that they were foolproof. He used bank transactions as an example, and I nearly fell out of my chair!
Bank transactions are pretty simple and dry, usually with one or two human inputs. One single medical transaction message might have input from dozens of humans, each one prone to making mistakes in the workflow!
Ah, well...it is a great goal anyway, right?
“As of this writing, I am on the verge of becoming a Luddite. And I despise this trend of filling cars and washing machines with computers.
Bah. Who needs all that crap?”
Oh... Wisdom and foresight. What an intelligent concept now forgotten and obsolete. I have been all in for about two years now guys. Other than the last minimal residuals of communications I have unhooked from everything I can. I have come to hate this trend and “Internet of Things” they are shoving down our throats. Yes, Luddite is the proper comparable label I think. I am all in for joining that club of intelligent understanding of reality...
I think we have an advantage in vision because we actually do understand the tech and how it really works and do not roll with myths and misconceptions based on false narratives. Everything we own and everything we do is being connected to the IoT. Like you say our Appliances, Thermostats, TVs, Cameras, PCs, Mobile Phones, Vehicles, Just about everything electronic is now connected to the IoT with Dedicated Short Range Communication (DSRC).
For us the delusion of “It is not possible” no longer applies. We understand that it is possible and it is already here and being used in everything even down to Crock Pots hooked to the IoT that you can control from work with a phone app. The only thing left to hook into the cloud of IoT is “US” physically and that is just around the corner. But as long as we are connected to that remote control modem called a Cellphone they have us leashed and connected anyhow. Our cell phones interact with everything around us in the IoT as a data gathering and tracking device.
Take Vehicles for example. I hear arguments from all the genius technology apologists that Vehicles can only be connected to data centers by Cell Service. This is an absolute myth and ignorant perspective. The newer vehicles are actually hooked to and sharing data with everything around them by default through the IoT. Other cars, traffic lights, home modems and Ring Cameras as you drive by... Everything wireless is all connected together in one big cloud called the Internet of Things including your vehicle.
This vehicle connection is already being used without our full knowledge. The technology and infrastructure has been incorporated for several years now without us knowing they are doing it. And they will hide it until we get the “It has come to our attention that data recorded from your driving habits requires us to raise your insurance policy rates” notice to our email or text. Or the “It appears you have gone past your vehicle’s service requirement mileage so your warranty has been voided”.
This is all very real. And with the addition of the 5G “Data Network” and AI it is about to go on steroids. The “it is only GPS and local in car hotspot through Cell service” is absolute BS period. It is 5G satellite tracking, Cell Service, Local interactive wireless/WiFi Internet of Things... Every method of radio data connection is now utilized to gather data and track in real time no matter where you are through phones and vehicles.
“Connected vehicles are capable of mass communication with their surroundings, including traffic lights, toll booths, parking facilities, and nearby vehicles. These communications include vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I) (WiFi), and vehicle-to-everything (V2X) (WiFi IoT), which include pedestrians and cyclists. Connected vehicle technology aims to improve driver safety, and while still relatively new, DSRC has been the longest standing technology for V2X. Now, with 5G entering the connected vehicle market, there is some debate about which technology should be used.”
https://www.smatstraffic.com/2021/06/28/connected-vehicles-dsrc-5g/
I don't. Which is why we buy base trims.
That man is a Patriot. He took that route knowing what it would do to his career in the military, but retired shortly after his re-assignment.
He wrote a phenomenal book about Communist China called:
LINK TO GEN. SPALDING DISCUSSING HIS BOOK: "Stealth War: How China Took Over While America's Elite Slept"
I used to be a huge advocate of technology at all levels, an enthusiastic early adopter, but...this business of people who can't survive in a disconnected mode, tracking their children, etc. is very disturbing to me.
There is something dehumanizing and evil about it that I find more repulsive with each passing day.
And I spent most of my career implementing these types of things for myself, people I know, and my work.
I think it is out of hand. A big EMP event (man-made or natural) is going to cause chaos. Real chaos, not this crap Leftists say Trump is causing, but civilization ending chaos.
I am damned concerned about it.
Starting in the early 1980s, I assumed that our civilization was headed for collapse. Nothing in the intervening years has convinced me otherwise. I have collected books regarding the basic sciences, math, and craftsmanship. Books are expensive, so I have only four eight-foot shelves of such books. That would be just a modest restart. I also have a small cache of survival gear. Of course, I am no longer physically able to crawl out of the ashes. Now I merely hope that someone could make use of the collection as they rise from those ashes.
I think collapse is relatively close at hand. Those will not be fun times. I feel sorry for mankind; yet, they brought it upon themselves. Electronic gadgetry did seem to hasten the demise.
The first thing to disconnect from a compromised grid is yourself.
Start there then Build Back Better
;)
Yes, I am damned concerned about it too as you have noticed the last several months. I am screaming and hollering my head off about this Beast to either deaf, selfish, or greedy ears. But I have now realized there is no saving it. Humanity is hell bent on their own destruction by begging for this technology and enslavement.
I agree this putting all of our eggs in one basket and becoming completely dependent on it is a huge huge mistake. Let alone that kind of complete total control over humanity this will hand the bad actors. When it is mandatory there will be no hiding from it. One will have to go back to a primitive lifestyle to survive where just fire will be a luxury.
I am no longer much of a Bible thumper, but I can absolutely relate to the prophecies about the Beast. And I do not think it is a being like most think, I think it is this very digital industry that will brainwash and enslave everyone 24-7. It just fits with uncanny accuracy and logic. Too much to be coincidence. Myth or not it is like a huge billboard flashing.
Funny you mentioned collecting books of knowledge. Couple years ago another tech and I were seeing all this happen and actually discussed that it might be time for a Monastery to be stocked with physical knowledge to preserve it before the coming chaos ensues. Because it is coming, and I think it is coming soon.
“The first thing to disconnect from a compromised grid is yourself.”
As far as communications I have actually been working at that for a couple years now. I have been researching and playing with all the underground communication protocols that do not require any of the common TLD internet controls.
Other than just minimal communications I have now eliminated everything digital in my life. No cards, apps, internet business, purchases, or accounts. Etc. I don’t care if it costs me a little more time, effort, or money. I am now standing against it all on principle. I wish more would wake up and see the real danger in all this...
The new ones are cheaper can can support desirable features. Appliances do not need WIFI or Bluetooth.
We can only hope that nations like China that have been investing heavily in cyber warfare and also pose a huge insider threat, do not have the means to cause large scale and long term chaos for us.
It’s all getting very “Idiocracy” like.
Tech is great, I’m all for it (((where it provides some advantage))).
But a lot of this tech to me is regressive.
We are building things that are in reality more disposable, use more batteries, have a shorter designed life and are LESS environmental.
We are making cars that are becoming lighter and smaller to be more fuel economical that are LESS safe.
We are building things that can no longer easily be repaired, are super complex and packed with dependent systems that are all communicating, they use proprietary parts that aren’t available after a few years which makes them LESS durable, LESS reliable.
Things are going backwards!
It’s just that the POS you buy has lots of blinking lights, USB ports and listens to you, sending advertisement to your phone. That’s called progress.
You have made an important and insightful set of observations. I remember years ago when shopping for a CD player the shop keeper told me, “The best units are these ugly things from Germany. The ones Americans buy are these over there with the flashy LEDs”.
At lot of this tech isn't actually doing anything for us - it's not a “performance enhancing” feature.
It's just tech for the sake of having tech by the consumer, but increases the profitability for those providing the product. A lot of the digital systems are far cheaper to manufacture than their analog counter parts (the true reason for all these digital control systems - they are pennies on the dollar to manufacture compared to an old mechanical system).
However, what these manufacturers are really doing, is replacing a proven and highly reliable technology, a repairable system, one that is better suited for the environment (heat, vibration, moisture and lint), with a cheaper and disposable one where they give the consumer a blinking LED light on the display.
***The consumer has changed.***
Years ago, and this is not a joke, you would see a person look under the hood and car to see if they can get to essentials like a dip stick, oil plug and filter. They would mechanically inspect the vehicle to make sure they can do some basic maintenance themselves. 30 Years ago it was not unusual to see someone on their knees looking under the car in a dealership!
Today, the average car buyer is concerned about how many USB ports a car has, the number of cup holders, how big the LCD display is, but the car they are buying is literally a POS - a disposable, hard to repair, unreliable, packed with proprietary parts that won't be available in 12 years, plastic and glued POS where after ~12 years the headliner will fall on your head like clockwork.
Ask a mechanic that has been around if cars are generally getting more or less reliable over the last years. Instead of using our understanding of engineering, newer materials, more precise tooling and manufacturing, and digital technology to build better (meaning safer, more reliable, longer lasting) machines, we're building plastic toys with a finite useful life i.e. junk.
Do you know why in reality starting about 2010 the number of traffic fatalities started going back up? https://en.wikipedia.org/wiki/Motor_vehicle_fatality_rate_in_U.S._by_year#/media/File:1994-_Motor_vehicle_traffic_deaths_in_road_accidents,_by_country.svg
Fuel efficiency! This also corresponds to when smaller and more compact cars became more popular. Progress?
If you want to see the epitome of this look at the new Scout: https://www.scoutmotors.com/
The whole purpose of the original Scout was that it was basically a farm tractor with a cab on it: https://en.wikipedia.org/wiki/International_Scout
You can STILL buy a seal beam headlight at a local Walmart for $12.99 and replace it yourself for a vehicle made in 1977. It was a reliable, easy to repair, practical functionally with decent off road capabilities.
Now compare that to the new Scout. Other than the square retro look and name, they have NOTHING in common. The entire concept behind that car is lost. It's just a fashion statement today.
Do you think you're going to do any of the maintenance on the new Scout yourself? What does a headlight cost if you break it on the new Scout? Do you think you can get some of the plastic parts once that car is 12 years old? Do you think the battery pack is going to last 20 years? Did you have to worry about paying $1,000 if you lose or break your last key fob on the old Scout? If the new Scout with its fancy digital displays and electronics is muddy, are you going to wash it out with a garden hose? Progress?
Seriously, you can rinse this car out with a garden hose: https://cdn.shopify.com/s/files/1/0194/5855/products/IMG_1041_1024x1024.JPG?v=1498488455 (protect the radio)
Can you do that with this car? https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fwww.digitaltrends.com%2Fwp-content%2Fuploads%2F2024%2F10%2FScout-Traveler-electric-SUV-dashboard.jpg%3Fp%3D1&f=1&nofb=1&ipt=95c1b9502284bf38c6869535c3f86d51f7b9d7e5e3c2be7e38f30f2c6e848132
Regarding the digital vs analog amplifiers for music: Test instruments reveal that the digital devices reproduce the music with far more accuracy of the wave forms than their analog counterparts. People, on the other hand, prefer the mushiness imparted by the analog amps. It is possible to add mushiness to the digital process.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
