Connected vehicles demand stronger cybersecurity and common standards
The ban on three Chinese-origin EV apps has exposed cybersecurity risks in connected vehicles, underscoring the need for robust standards like AIS189 and stronger digital safeguards
)
premium
Obtaining cybersecurity approval will be a prerequisite for putting new vehicles on the road. | Source: Vahan
Listen to This Article
A recent hacking incident, which resulted in the ban of three Chinese-origin smartphone apps, has highlighted cybersecurity concerns centred on the automobile industry. The apps — BAT-BMS, Lossigy, and Epoch-i-ion — were designed for electric-vehicle (EV) battery management, but they can be misused to remotely disable the vehicles. Following the incident, the Union government, as reported by this newspaper, has asked automobile and parts makers to audit the software and devices in connected cars and EVs. Connected vehicles are those connected to the internet directly or via Bluetooth to smartphones. Automobiles without cyber firewalls present critical security vulnerabilities, and hackers have demonstrated such bugs for at least a decade. There is a global annual cybersecurity event, Pwn2Own Automotive, which focuses on demonstrating vulnerabilities in vehicles. In January, security researchers earned $516,500 after demonstrating 37 “zero-day” vulnerabilities in different vehicles on the first day of Pwn2Own Automotive 2026. (A zero-day is a previously undiscovered bug.)
