Yes, modern vehicles can be hacked. Researchers have demonstrated that by exploiting wireless communications vulnerabilities.
In 2015, security researchers proved a frightening point: they could remotely hack a Jeep Cherokee traveling at 70 mph on a highway and take control of its brakes and transmission from a laptop miles away. The demonstration made headlines and raised a question many drivers hadn’t thought to ask.
So can cars be hacked? Yes — modern vehicles are essentially computers on wheels, and any computer connected to a network can be vulnerable. The good news is that a full remote takeover while you’re driving is extremely unlikely. The more common risks involve data theft, key fob cloning, and GPS tracking, which are worth understanding.
How Car Hacking Actually Works
Automotive hacking exploits vulnerabilities in the software, hardware, and communication systems of a car. The Controller Area Network (CAN bus) is the internal network that lets microcontrollers talk to each other — it’s the nervous system of the vehicle. If a hacker accesses the CAN bus, they can send malicious commands to the engine, brakes, or steering modules.
Gaining that entry isn’t straightforward. Most hacks require a wireless access point, such as the cellular modem used for infotainment, Bluetooth, or the key fob’s signal. Once inside, the attacker can issue commands the car treats as legitimate. Security experts from Kaspersky note that while this is technically possible, it demands significant skill and vehicle-specific knowledge.
Why The Threat Feels Scary But Rare
The idea of a hacker taking over your car from a distant computer is terrifying. It’s also exceptionally hard to pull off. Most real-world car hacks target convenience, not control, and the numbers back that up.
- Remote takeover demonstrations: The 2015 Jeep hack by Miller and Valasek showed it was possible, but required months of preparation and a specific vulnerability that was patched quickly. No real-world attacker has repeated it at scale.
- FBI and DHS warning: In 2016, federal agencies acknowledged the risk and urged manufacturers to improve security, but stressed the threat was still small for everyday drivers.
- Key fob relay attacks: Thieves use devices to amplify the signal from a key fob inside your home, tricking the car into thinking the fob is nearby. This is a common method of theft, not remote driving control.
- Data and privacy risks: Hackers may track your location, steal personal data synced to the infotainment system, or access contact lists. This is far more prevalent than mechanical takeover.
- GPS tracking exploits: Vulnerabilities in telematics systems can allow attackers to monitor a car’s movements — a risk for privacy but not for immediate safety.
The takeaway: while Hollywood-style hacks make headlines, the real dangers are quieter — theft of your car or your data. Understanding the difference helps you focus on practical protections.
What The Jeep Hack Taught Us
The most famous proof of concept came in 2015 when researchers Charlie Miller and Chris Valasek remotely hacked a Jeep Cherokee. They accessed the car’s entertainment system, then used the CAN bus to override steering, brakes, and transmission while a reporter was driving. The vulnerability was patched quickly after, but it forced automakers to rethink security.
The FBI and DHS took the threat seriously enough to issue a public service announcement in 2016. Their FBI vehicle vulnerability warning highlighted that wireless communications could be exploited to gain control over vehicle functions. However, the announcement also noted that such attacks require advanced skills and significant resources.
For the average driver, the main lesson is that cars are no longer isolated machines. They’re part of the Internet of Things, and like any connected device, they have vulnerabilities. The industry has responded with security updates and safer system designs.
| Type of Hack | How It Works | Likelihood |
|---|---|---|
| Remote control attack | Exploits cellular/Bluetooth to send CAN bus commands | Very low (requires advanced skills) |
| Key fob relay | Amplifies fob signal to unlock and start the car | Moderate — common in urban theft |
| Data theft | Accesses infotainment or telematics for personal info | Moderate to high |
| GPS tracking | Exploits telematics to monitor location | Low to moderate |
| CAN bus injection | Directly sends malicious messages into the vehicle network | Low — often requires physical access |
The table shows that the most severe hacks are the least likely. Everyday drivers face higher risks from relay attacks and data breaches than from someone taking control of the steering wheel.
Signs Your Car May Have Been Hacked
Spotting a sophisticated remote hack is hard because attackers try to be subtle. But there are a few red flags that some cybersecurity resources suggest you watch for.
- Unexpected warning lights or messages: If the check engine light or other alerts appear without a clear cause, it could indicate tampering. Some hacks trigger false diagnostics.
- Loss of control over basic functions: If the brakes feel unresponsive, the engine behaves erratically, or the steering pulls without warning, consider a system compromise. Mechanical issues are still far more common.
- Unusual infotainment or navigation behavior: The radio changes stations by itself, GPS shows incorrect locations, or the clock resets. These can be symptoms of an intrusion.
- Key fob not working correctly: If the fob has trouble locking or unlocking, or if the car starts without the fob nearby, a relay attack might have occurred.
If you notice any of these signs, park the vehicle in a secure location and have it inspected by a professional mechanic or dealer. Most modern dealerships can run diagnostics to check for unauthorized access or software anomalies.
How To Reduce Your Risk — The Connectivity Challenge
As cars become more connected, the attack surface grows. Automakers are adding features like over-the-air updates, remote start via smartphone apps, and real-time traffic data. Each new connection is a potential entry point for a determined attacker.
The challenge is well-documented by cybersecurity researchers. Mapfre’s connectivity cyber threat challenge analysis points out that connectivity makes vehicles more susceptible to a wide range of cyber threats, posing challenges for manufacturers, drivers, and regulators. The industry is working on standards like ISO 21434 for automotive cybersecurity.
For everyday drivers, practical steps can reduce risk. Keep your vehicle’s software and firmware updated through the dealership or manufacturer. Avoid plugging unknown devices into the OBD-II port, and be cautious with third-party apps that connect to your car. Turn off Bluetooth and Wi-Fi when not in use, and store key fobs in a faraday pouch at home to prevent relay attacks.
| Protection Measure | Effectiveness |
|---|---|
| Keep software and firmware updated | High — patches known vulnerabilities |
| Use a faraday pouch for key fobs | High — blocks relay attacks |
| Avoid unauthorized OBD-II devices | Moderate — prevents physical access |
| Disable remote start/Bluetooth when not in use | Moderate — reduces exposure |
The Bottom Line
Car hacking is real, but the risk landscape matters. The chance of someone remotely steering your car on the highway is vanishingly small — the 2015 Jeep hack captured attention, not daily reality. The more likely threats are theft of your car via key fob relay and theft of your personal data through the infotainment system. Staying informed and taking basic precautions goes a long way.
If you suspect your vehicle has been compromised, a certified mechanic or your dealership can run diagnostic scans for software anomalies. They can also check for aftermarket tracking devices if privacy is a concern. Keeping your car’s software updated through official channels is your best line of defense against known exploits for your specific make and model.
References & Sources
- Ic3. “Fbi Vehicle Vulnerability Warning” The FBI and DHS issued a public service announcement in 2016 warning that motor vehicles are increasingly vulnerable to remote exploits.
- Mapfre. “Hacked Cybersecurity Connected Cars” Connectivity makes vehicles more susceptible to a wide range of cyber threats, which poses a challenge for manufacturers, drivers, and regulators.