AI-Driven Cars Face Alarming Cybersecurity Dangers | Image Source: m.economictimes.com
DETROIT, Michigan, April 3, 2025 – While artificial intelligence (AI) quickly redefines the operation of modern vehicles, it simultaneously creates a worrying landscape of vulnerabilities to cybersecurity. From auto-driving algorithms to AI motor car infotainment systems, today’s cars are more driven by software than mechanical. This change opens new possibilities, but it also opens the door to cyber threats that can no longer be ignored.
According to research by HORIBA MIRA and major cybersecurity companies like HackersEra, automotive AI systems are increasingly being attacked by sophisticated threat actors. These systems, capable of predicting traffic patterns, navigating independently and even adjusting cabin preferences by voice controls, are likely to be manipulated or operated in a manner that poses a serious threat to road safety and consumer confidence.
Why are cars powered by AI in danger?
Vehicle systems operate differently from traditional control systems. Instead of using fixed rules or physics-based models, machine learning algorithms learn the models of large data sets. According to industrial sources, this data-based nature means that artificial intelligence systems are as reliable as the data in which they are formed, making them sensitive to internal manipulation.
This vulnerability is particularly sensitive to the complexity of autonomous vehicle (AV) systems. A single failure of the object recognition module, caused by contaminated drive data or signal fuses, could cause life-threatening accidents. “You’re not just cheating on a camera,” explains Vikas Chaudhary, founder of HackersEra. “You manipulate the decision logic that governs direction and brake.”
What kind of attack are we talking about?
Attackers no longer need physical access to the car. Methods such as the sensor spoon, where stickers or lights deceive the camera to misinterpret a stop signal, or false Lidar signals can manipulate how the car perceives its environment. As HORIBA MIRA said, functional security and cybersecurity are now more linked than ever. A simple snowy lens could cause the same reaction as a sharp cyber attack.
Other threats include:
- GPS signal spoofing: Misguiding the car’s location system.
- CAN Bus tampering: Gaining control of internal networks to disable brakes or steering.
- Data poisoning: Feeding false data during the AI training process to manipulate outcomes.
- Remote hacking: Using unsecured wireless protocols like Bluetooth or Wi-Fi to gain access.
Threats are not hypothetical. According to the Economic Times, many car manufacturers are already testing defence mechanisms such as intrusion detection and prevention systems (IDPS) and vehicle safety operations centres (VSOCs) to address these risks.
How do manufacturers react?
Manufacturers are beginning to take cybersecurity as seriously as mechanical security. Tata Motors, for example, shared that it is now implementing a layer defense strategy – covering vehicle hardware, associated applications and cloud services. This includes:
- End-to-end encryption for vehicle communications
- Timely software updates
- Regular penetration testing
- Compliance with global standards like ISO/SAE 21434 and UN R155
“Safety becomes as non-negotiable as airbags,” said Chaudhary, stressing that today’s safety must be seen through physical and digital lenses.
What about regulation? The law opens?
Yes, but slowly. UN Regulation No 155 already provides for cyber security to be respected for the reception of vehicles in markets such as the EU, Japan and South Korea. Meanwhile, broader standards such as the EU Artificial Intelligence Act and the US National Artificial Intelligence Initiative Act encourage surveillance in all industries, including automobiles.
India is not too late. Standards such as AIS 189 should introduce cybersecurity into regulatory frameworks, which is not only a best practice, but also a legal imperative.
What role do human factors play?
It’s not just software, it’s people. Fan He’s studying how drivers react to several cyber attacks. His research suggests that drivers often lack tools or knowledge to recognize a cyber attack, much less to respond effectively.
“With more automated and software-equipped drivers, drivers are more like passengers,” he explains.
The work emphasizes the need for infrastructure to support cybersecurity in real time, such as emergency road aid, but for cyberattacks. According to him, a network of trained CVRs and analysts could help respond to real threats and quickly mitigate damage.
Are concessions also in danger?
And maybe even more vulnerable than cars themselves. An online survey conducted by Botdoc in November 2024 revealed significant cyber security gaps among car dealers and lenders. Although there are firewalls and anti-virus tools, only 9.71% of distributors had adopted secure data protections in transit.
Furthermore, 40.78 per cent of respondents did not know whether they had been raped. With dealers who store sensitive customer data – names, addresses, credit card details - this ignorance is dangerous. As Karl Falk, CEO of Botdoc, pointed out, there is a growing need for encrypted communication systems that do not trust outdated practices such as passwords or plugins.
What solutions are emerging?
Many automotive actors are stepping up their investments in cybersecurity tools. According to the survey data:
- 20.39% plan to invest in cloud security
- 19.42% in ransomware defense
- 17.48% in AI-based threat detection
Unfortunately, the security of transit data, an essential component, remains low on the investment list despite its importance.
Can AI fight AI?
Ironically, AI can also be the most powerful tool to defend against its own abuse. According to HORIBA MIRA, machine learning algorithms are deployed to detect system behavioral anomalies that may indicate manipulation. The treatment of natural language can extract intelligence from the threat from online discussions or unstructured newspapers, allowing defenders to respond proactively rather than reactively.
However, there is an imbalance of the stars in time: engineers have a limited development window, while attackers have all the life of the vehicle to find weaknesses. The battle is asymmetric, making cybersecurity investments a continuous and sustainable process.
Is the future safe?
The integration of AI into cars does not diminish. Anyway, it’s accelerating. By 2050, fully autonomous vehicles could become the norm. But industry must now contain the ethical, legal and technical implications of such a future.
From research laboratories to assembly lines, all in the automotive ecosystem need to rethink safety, not only in terms of brakes and airbags, but also in terms of code and algorithms. The idea that a car can be hacked while in motion is not science fiction – it is an imminent reality.
Auto cybersecurity is no longer an optional update. This is the new seat belt, a standard that drivers and passengers expect by default. Because in this digital age, security is not just physical. It’s also virtual.
About The Author
