This article provides a real example of how cars today are hackable through the software and connectivity built into them. I’m personally worried about the cars I own now and will buy in the future. So much so that I plan to have at least one car from a pre-digital era without connectivity to the internet.
I’m very surprised I didn’t see this article about the Nissan Leaf hack in the regular news (here it is in Security Week). During a hacking competition in April 2025, the 2020 Nissan Leaf was remotely hacked through the infotainment system’s Bluetooth capability. The researchers were able to do many things, including create a communication link over cellular that allows remote control of the steering wheel.
The researchers could hack the car to do all of the following:
- Remote control the steering wheel, doors (locks, I assume), wipers, horn, mirrors, windows, and lights while the car was in motion
- Track the car’s location
- Record people talking in the car
- Take screenshots of the infotainment system
Nissan is aware of the issues but I couldn’t find information to see if they have fixed the problems. This isn’t the first time the Nissan Leaf has been hackable, according to another security report I found from 2016.
I know many people in automotive product security and they are doing their best to secure cars and focus on safety. There are even cybersecurity standards that the developers follow for vehicle cybersecurity. The ultimate problem is that software contains defects—it is impossible to test for all the situations and ways that the millions of lines of software code can be hacked. The best we can do is rely on vehicle manufacturers to continuously update the software and improve their architecture to keep the threats out of the systems.