Major car brands risk chaos as hackers target millions of vehicles, ex-FBI cyber chief warns

The Growing Threat of Vehicle Hacking

A former FBI cyber chief has warned that millions of vehicles could be at risk of being hacked in the coming years, posing a significant threat to drivers. Cynthia Kaiser, SVP of the Halcyon Ransomware Research Center, highlighted that as vehicles become more technologically advanced, they also become more vulnerable to cyber attacks.

Ms Kaiser, who previously served as Deputy Assistant Director of the FBI’s Cyber Division, described the shift towards connected vehicles as "an almost unavoidable trade-off." She explained that modern vehicles contain over 100 million lines of code and increasingly rely on cloud services, over-the-air updates, and third-party software integrations. These features, while enhancing driver experience, also create new opportunities for cyber threats.

As more drivers transition from petrol and diesel vehicles to electric cars, there is an expectation for improved technology. This includes not only driver assistance and road safety features but also entertainment options, with some brands even offering karaoke functions. Manufacturers, particularly those in China, face intense competition, and technology is one of the easiest ways to stand out by addressing the needs and desires of motorists.

Exploiting Connection Points

Ms Kaiser pointed out that all these connection points can be exploited by threat actors and criminals. A report from Halcyon shows that ransomware attacks targeting the auto sector more than doubled in 2025, accounting for 44 per cent of all publicly reported cyber attacks in the industry. The report states that threat actors are increasingly aware that more connected vehicles offer greater opportunities to infiltrate systems and cause damage.

Criminals have also targeted manufacturers in an attempt to disrupt their operations and potentially extort companies for financial gain.

Major Cyber Attacks on Automakers

Jaguar Land Rover was the largest target of a cyber attack last year, with the iconic British manufacturer forced to undertake a "phased restart" of its operations after shutting down its IT services and suspending production at its sites. A report from the Cyber Monitoring Centre estimated that the JLR hack caused a financial impact of £1.9 billion and affected more than 5,000 organisations in the UK alone.

French brand Renault also confirmed that its third-party data processing providers had been targeted in a cyber attack, with criminals accessing customer names, addresses, dates of birth, gender, phone numbers, vehicle identification numbers, and vehicle registration details. While it confirmed that no financial or password data had been compromised, it instructed drivers to remain cautious of "any unsolicited requests" for personal information.

Calls for Enhanced Cybersecurity Measures

Following these hacks, Cynthia Kaiser said she hoped manufacturers would take greater steps to protect themselves from cybersecurity issues and ransomware attacks. The expert, who also served as a member of the Cyber Safety Review Board and as a daily intelligence briefer to senior White House officials, stated: "We expect, at the very least, incidents like this to accelerate investments already underway."

"At a minimum, the JLR breach was a reminder, at board level, that the financial and reputational costs of a serious incident are increasingly difficult to dismiss."

Conclusion

As the automotive industry continues to embrace connectivity and advanced technology, the risks associated with cyber threats will only grow. Manufacturers must prioritize cybersecurity to protect both their operations and their customers. With the increasing frequency and sophistication of cyber attacks, it is clear that proactive measures are essential to safeguarding the future of connected vehicles.