{"id":227097,"date":"2026-06-06T01:10:00","date_gmt":"2026-06-06T05:10:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/06\/are-connected-electric-vehicles-safe-the-top-threats-they-face\/"},"modified":"2026-06-06T01:35:12","modified_gmt":"2026-06-06T05:35:12","slug":"are-connected-electric-vehicles-safe-the-top-threats-they-face","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/06\/are-connected-electric-vehicles-safe-the-top-threats-they-face\/","title":{"rendered":"Are connected electric vehicles safe? The top threats they face"},"content":{"rendered":"

Are connected electric vehicles safe? The top threats they face<\/a><\/p>\n

https:\/\/www.escudodigital.com\/en\/cybersecurity\/are-connected-electric-vehicles-safe-the-top-threats-they-face.html<\/a><\/p>\n

Publish Date: 2026-06-06 01:10:00<\/a><\/p>\n

Source Domain: www.escudodigital.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

\t\t\t\t\t\t\t\t\t\t\t\tThe automotive industry is experiencing a situation of uncertainty that does not favor a smooth transition. In addition to the traditional risks associated with driving or owning a car, there are now various technological revolutions to consider, such as the emergence of artificial intelligence and the impact of cybercrime. The resulting scenario is increasingly complex.<\/p>\n

All vehicles, whether electric or not, contain numerous components that are susceptible to attack. Brakes can be locked, sensors can be altered, or proximity radars can be deactivated. The maximum speed limit can also be manipulated, as well as the car’s most private data (where it rests each night, which highway it crosses in real-time).<\/p>\n

S2GRUPO has just prepared its Second Report on Cybersecurity in Connected Electric Vehicles, which analyzes the threats to the sector with the objectives of validating the use of a specific methodology for risk analysis development and identifying appropriate security measures to protect the availability, integrity, and confidentiality of Connected Electric Vehicles (CEV).<\/p>\n

Limitations in traditional models<\/p>\n

Researchers have identified the limitations of traditional industrial cybersecurity models:<\/p>\n

Linearity in approach. Until now, risks have been evaluated individually and in isolation, without considering that industrial environments are becoming more complex and current attacks often combine several techniques and stages. This perspective is not appropriate for examining new risk scenarios.<\/p>\n

Relationship between threats and impacts. Dangers do not usually materialize in isolation. It is often necessary to consider simultaneous vulnerabilities.<\/p>\n

Problems in estimating probabilities. A critical risk scenario results from the combination of vulnerabilities at different levels of the system and the sequential nature of attacks. S2GRUPO proposes the Microsoft Threat Modeling Tool (TMT) methodology, which uses attack trees to calculate the probability of risk scenarios materializing, successfully tested in other mobility-related environments, such as the railway or naval sectors, and in critical infrastructures.<\/p>\n

The TMT focuses on functional security, network segmentation, and defense in depth. The connected vehicle should not be confused with the autonomous one, designed to control its own movement without the need for a driver (it is only a small part of connected vehicles). Autonomy is possible thanks to the ability to detect environmental elements and respond independently to them, allowing circulation without human intervention.<\/p>\n

The components of the CEV, as well as their communications and architectures, facilitate the identification of critical elements in the field of cybersecurity. S2GRUPO analysts have proven in the laboratory that attacks can exploit different entry points, such as physical intrusion, wireless access, or through diagnostic protocols.<\/p>\n

Main threats<\/p>\n

Unfortunately, the possibilities for attack are numerous:<\/p>\n

\tBrake locking through malicious manipulation of ABS valves, using diagnostic packet injection (UDS).
\n\tPermanent centralized locking.
\n\tModification of the behavior of visible and audible sensors and actuators.
\n\tDeactivation of proximity radar through the sending of CAN Standalone messages.
\n\tDisabling the vehicle in motion by deactivating the EVC ECU during acceleration.
\n\tManipulation of eCall by modifying the emergency number.
\n\tAlteration of the vehicle’s maximum speed limit.
\n\tUnauthorized access to telemetry. Exfiltration of critical information, such as GPS location, speed, and vehicle status.
\n\tUse of insecure protocols. The CAN bus (Controller Area Network) was initially designed to facilitate communication between a vehicle’s various components, but it is vulnerable to attacks that can intercept, modify, or inject messages into the network.
\n\tAbsence or low effectiveness of authentication mechanisms and protections against code modification. These mechanisms were initially designed to ensure that the software functioned correctly, but the need to protect it against malicious modifications was not considered, leaving the door open to potential attacks.
\n\tInsufficient network segmentation. The vehicle’s network is structured to facilitate communication and data exchange between its components, but not enough segmentation measures are implemented to limit unauthorized access and contain possible threats.
\n\tLow effectiveness in the vulnerability management process. Cybersecurity requires active and continuous management.
\n\tAbsence of mechanisms for monitoring and detecting anomalies or cyberattacks.<\/p>\n

\t\t\t\t\t\t\t\t\t\t\t\tThe automotive industry is experiencing a situation of uncertainty that does not favor a smooth transition. In addition to the traditional risks associated with driving or owning a car, there are now various technological revolutions to consider, such as the emergence of artificial intelligence and the impact of cybercrime. The resulting scenario is increasingly complex.<\/p>\n

All vehicles, whether electric or not, contain numerous components that are susceptible to attack. Brakes can be locked, sensors can be altered, or proximity radars can be deactivated. The maximum speed limit can also be manipulated, as well as the car’s most private data (where it rests each night, which highway it crosses in real-time).<\/p>\n

S2GRUPO has just prepared its Second Report on Cybersecurity in Connected Electric Vehicles, which analyzes the threats to the sector with the objectives of validating the use of a specific methodology for risk analysis development and identifying appropriate security measures to protect the availability, integrity, and confidentiality of Connected Electric Vehicles (CEV).<\/p>\n

Limitations in traditional models<\/p>\n

Researchers have identified the limitations of traditional industrial cybersecurity models:<\/p>\n

Linearity in approach. Until now, risks have been evaluated individually and in isolation, without considering that industrial environments are becoming more complex and current attacks often combine several techniques and stages. This perspective is not appropriate for examining new risk scenarios.<\/p>\n

Relationship between threats and impacts. Dangers do not usually materialize in isolation. It is often necessary to consider simultaneous vulnerabilities.<\/p>\n

Problems in estimating probabilities. A critical risk scenario results from the combination of vulnerabilities at different levels of the system and the sequential nature of attacks. S2GRUPO proposes the Microsoft Threat Modeling Tool (TMT) methodology, which uses attack trees to calculate the probability of risk scenarios materializing, successfully tested in other mobility-related environments, such as the railway or naval sectors, and in critical infrastructures.<\/p>\n

The TMT focuses on functional security, network segmentation, and defense in depth. The connected vehicle should not be confused with the autonomous one, designed to control its own movement without the need for a driver (it is only a small part of connected vehicles). Autonomy is possible thanks to the ability to detect environmental elements and respond independently to them, allowing circulation without human intervention.<\/p>\n

The components of the CEV, as well as their communications and architectures, facilitate the identification of critical elements in the field of cybersecurity. S2GRUPO analysts have proven in the laboratory that attacks can exploit different entry points, such as physical intrusion, wireless access, or through diagnostic protocols.<\/p>\n

Main threats<\/p>\n

Unfortunately, the possibilities for attack are numerous:<\/p>\n

\tBrake locking through malicious manipulation of ABS valves, using diagnostic packet injection (UDS).
\n\tPermanent centralized locking.
\n\tModification of the behavior of visible and audible sensors and actuators.
\n\tDeactivation of proximity radar through the sending of CAN Standalone messages.
\n\tDisabling the vehicle in motion by deactivating the EVC ECU during acceleration.
\n\tManipulation of eCall by modifying the emergency number.
\n\tAlteration of the vehicle’s maximum speed limit.
\n\tUnauthorized access to telemetry. Exfiltration of critical information, such as GPS location, speed, and vehicle status.
\n\tUse of insecure protocols. The CAN bus (Controller Area Network) was initially designed to facilitate communication between a vehicle’s various components, but it is vulnerable to attacks that can intercept, modify, or inject messages into the network.
\n\tAbsence or low effectiveness of authentication mechanisms and protections against code modification. These mechanisms were initially designed to ensure that the software functioned correctly, but the need to protect it against malicious modifications was not considered, leaving the door open to potential attacks.
\n\tInsufficient network segmentation. The vehicle’s network is structured to facilitate communication and data exchange between its components, but not enough segmentation measures are implemented to limit unauthorized access and contain possible threats.
\n\tLow effectiveness in the vulnerability management process. Cybersecurity requires active and continuous management.
\n\tAbsence of mechanisms for monitoring and detecting anomalies or cyberattacks.<\/p>\n

\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tBecome a premium member for free!<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Are connected electric vehicles safe? The top threats they face https:\/\/www.escudodigital.com\/en\/cybersecurity\/are-connected-electric-vehicles-safe-the-top-threats-they-face.html Publish Date: 2026-06-06 01:10:00…<\/p>\n","protected":false},"author":1,"featured_media":227098,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/d3fkdmlbzjtjd3.cloudfront.net\/articulos\/articulos-79413.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,24,31,27],"class_list":["post-227097","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227097"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=227097"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227097\/revisions"}],"predecessor-version":[{"id":227099,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227097\/revisions\/227099"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/227098"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=227097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=227097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=227097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}