Site navigation

EU Agency for Cybersecurity Publishes Smart Car Security Report

Duncan MacRae


car speedometre

Attacks targeting smart cars could lead to vehicle immobilisation, road accidents, financial losses, disclosure of personal data and endanger road users’ safety, say researchers.

The EU Agency for Cybersecurity (ENISA) has unveiled a report on the cybersecurity of smart cars.

The agency’s study aims to promote cybersecurity for connected and semi-automated cars by highlighting emerging threats. The report also issues guidance on security measures that could potentially help to mitigate them.

“Smart cars already available today provide connected, added-value features in order to enhance car users’ experience or improve car safety,” the report states. “With this increased connectivity (that the emergence of 5G is expected to further promote) novel cybersecurity risks and threats arise and need to be managed.”

The report offers a detailed analysis of the conclusions reached in ENISA’s 2017 study, ‘The ENISA Cybersecurity and Resilience of Smart Cars—Good Practices and Recommendations’.

In its newest report, ENISA researchers stated that Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) interfaces, required for the deployment of intelligent transport systems and autonomous cars, have increased the potential attack surface and attack vectors. As smart cars are increasingly impacted by the growth of advanced machine learning and artificial intelligence, the researchers foresee that the number of risks posed by cyber-threats will multiply.

Cyber attacks on smart cars could cause damage that exceeds simply losing sensitive personal information.

The researchers said: “Attacks targeting smart cars may lead to vehicle immobilisation, road accidents, financial losses, disclosure of sensitive and/or personal data, and even endanger road users’ safety.”


In 2015, researchers used a remote proof-of-concept attack to gain control of a smart vehicle and send it off-the-road, which led to more than a million cars being recalled. More recently, researchers showed that it was possible to remotely or locally take control of smart cars’ infotainment systems by using diagnostic services to manipulate the vehicles’ functions.

Smart cars have also been hijacked via their smart alarm and made to perform illegitimate actions, including cutting the engine and enabling or disabling the immobilizer.

Interest in autonomous cars, from both end users and manufacturers, is big. A survey of 5,500 global city dwellers from all around the world found 58% of global respondents are willing to take a ride in a driverless vehicle. If optimistic predictions on the topic prove to be correct, the world may see the widespread deployment of fully automated vehicles as early as 2030.

Duncan MacRae


Latest News

%d bloggers like this: