Automotive security

Blogs

Jaguar Land Rover Data Hack reveal Significance of Security & Privacy by Design

Jaguar Land Rover announced suffering they hit by a cyberattack in August that severely disrupted its production and retail activities. Cyber criminals stole data, held by the carmaker, it has said, as its factories in the UK and abroad face prolonged closure. This massive data hack reveal that every stakeholder in the supply chain must be embed and lazed with security and privacy by design.

Principle of security by design

So the ever evolving automotive industry and modern vehicles are more of software, which means more coding which goes upto 100 million codes and this is growing in numbers and run more applications then ever before.

So the more coding and software, the more lucrative it is for attackers to target systems and codes and if security flaws exist then its a heaven for cyber criminal as it is now easy target for data privacy leaks etc.

Best practices for Securing by Design principles and software development are enough to address the emerging risk to automotive systems and other systems within the vehicle.

According to the BBC, three plants were affected: the ones in Solihull, Halewood and Wolverhampton. Also the cyberattack forced the company to disconnect some systems, which led to factories in China, Slovakia and India getting shut down and workers being instructed to stay at home. 

As per the company suppliers and retailers for JLR are also affected, some operating without computer systems and databases normally used for sourcing spare parts for garages or registering vehicles.

Scattered Spider group behind the cyber attack

As per reports the notorious Scattered Spider  the hackers group is credited for the attack on JLR. The threat actor was also linked to recent attacks against major UK retailers, as well as several other industries worldwide. 

This is the second cyberattack that hit JLR this year. In March, the Hellcat ransomware group claimed to data theft which were in hundreds of gigabytes of data from the carmaker.

July we witnessed how Scattered spider group targeted the aviation and retail sector

https://intruceptlabs.com/2025/07/scattered-spider-group-target-aviation-sector-third-party-providers-to-vendors-are-at-risk-solutions-that-will-improve-security-posture/

Addressing cyber security challenges in Automotive security

Organization addressing such cyber incident in near future will require dedication that will extend to all levels. This includes data layer, connection layer, authentication layer and more.

If organizations are proactive enough in establishing comprehensive protective measures and ensuring reliable systems that wont fail and in place, ultimately will create safe environment for entire ecosystem more resilient against cyber disruptions.

Cybersecurity challenges in automotive innovation

The integration of advanced technology has brought the automotive industry face-to-face with complex cybersecurity challenges. Vehicle technology, now deeply intertwined with software, exposes both consumers and manufacturers to varied threats.

The challenge for manufacturers is finding the right balance between advancing connected features and securing those very connections against evolving threats.

Transformation in Automotive industry while navigating cautiously in the midst of cyber attack

The year 2025 is transformative for automotive industry as the industry witnessing many groundbreaking technological advancements that is lazed with challenges in cybersecurity and supply chain resilience.

Navigate cyber challenges

For automotive industry as a whole, opportunities are huge for the industry as a whole but will take concrete shape when fitted with with robust architecture, zero-trust security frameworks and being transparent. There is a need to have more collaborative mindset and approaches among manufacturers, suppliers and leaders in technology of which cyber security is now important part.

Intercept offers Mirage Cloak

Mirage Cloak the Deception Technology, offers various deception methods to detect and stop threats before they cause damage.

These methods include adding decoys to the network, deploying breadcrumbs on current enterprise assets, using baits as tripwires on endpoints, and setting up lures with intentionally misconfigured or vulnerable services or applications. The flexible framework also lets customers add new deception methods as needed.

Sources: https://www.theguardian.com/business/2025/sep/10/jaguar-land-rover-says-cyber-attack-has-affected-some-data

Blogs

Automotive Security under fire as Firmware Flipper Zero of Dark Web break Rolling Code security of Latest Vehicles

Security researchers discovered Firmware for device related to Flipper Zero and showcased by YouTube channel Talking Sasquatch.

A cyber threat that can bring in significant escalation in automotive cybersecurity that demands a single intercepted signal to compromise a vehicle’s entire key automotive functionality. Rolling code security systems basically protects millions of modern vehicles.

Automative vehicles may use encryption to avoid eavesdropping (i.e., capture and decoding of signals) or tampering attacks (i.e., “flipping” lock signals to unlocks). However, replaying signals, even if they are encrypted, is straightforward.

Rolling code security

That is where rolling code come in action and have been introduced wherein a particular code2 (e.g., an “unlock” code) is considered disposable, i.e., it is only used once. In a nutshell, every button click on the key fob triggers a counter in the key fob and in the vehicle upon reception to roll, making it valid for subsequent use in the future. (https://dl.acm.org/doi/full/10.1145/3627827)

Single capture attack method: For this new attack to work, all that is needed is a single button-press capture from the keyfob, without any jamming. Just from that single capture, it is able to emulate all the keyfob’s functions, including lock, unlock, and unlock trunk. A consequence of this is that the original keyfob gets out of sync, and will no longer function.

According to the Talking Sasquatch, the attack works by simply reverse engineering the rolling code sequence, either through sequence leaks or prior brute forcing of the sequence from a large list of known codes.

Challenges in Automotive landscape

The automotive landscape has transformed into a convergence of software and mechanics, introducing exciting possibilities for vehicle performance and convenience. New concerns on vulnerabilities raises eyes about how malicious actors can exploit codes.

Regardless of the method, videos demonstrating the attack show that only a single capture is needed to emulate a keyfob completely.

Affected vehicles include Chrysler, Dodge, Fiat, Ford, Hyundai, Jeep, Kia, Mitsubishi and Subaru. As of yet, there appears to be no easy fix for this, other than mass vehicle recalls.

Secure coding

It is advised that regular code reviews is published that uses latest static analysis tools help detect vulnerabilities early in the development process.

Keep a secured update mechanisms enable swift responses to emerging threats that can address security vulnerabilites

Let’s understand the importance of of security and feel responsible for it and that requires best practices, cyber security culture and implementing early testing.

What can manufactures do to avoid cyber security lapses

For manufactures its advisable DevSecOps and automotive fuzzing tools that offer great solutions to prevent crashes further they improve efficiency and accuracy of their testing efforts and minimize costs.

GaarudNode from Intruceptlabs

GaarudNode is an all-in-one  solution designed to empower development teams with the tools they need to secure their applications throughout the development lifecycle. By combining the power of SAST, DAST, SCA, API security, and CSPM, GaarudNode provides a comprehensive security framework that ensures your applications are built, tested, and deployed with confidence.

Sources: https://www.rtl-sdr.com/flipperzero-darkweb-firmware-bypasses-rolling-code-security/)

Scroll to top