22-07-2025
How worried should EV owners be about their car being hacked?
Electric cars increasingly resemble computers on wheels, connected to the cloud and with their own array of apps — so should users be afraid of them being hacked?
Cybercriminals target the most popular electronic products, from PCs to smartphones, and as electric vehicles (EVs) become more popular, their attention will inevitably switch to these expensive, connected, software-driven products.
Yahoo News spoke to some of Britain's leading cybersecurity experts to assess the real risks.
Can electric cars be hacked?
While electric cars can be targeted by cybercriminals, owners should "be aware, but not overly concerned", said Antoinette Hodes, an expert at cybersecurity company Check Point.
The connected element of electric vehicles, including having to be plugged in to charging points and download software, makes them particularly vulnerable.
'As EVs become more connected and software-driven, they increase the potential attack surface for cybercriminals," she said.
'EVs rely on wireless communication (bluetooth, wifi, GPS, etc) and cloud-based ecosystems, which makes them vulnerable to cyber threats.'
In competitions where hackers test the security of devices to prevent real criminals from exploiting weaknesses, they have managed to take over chargers such as Tesla's Wall Connector (at the January 2025 Pwn2Own Automotive in Tokyo).
Australian hacker Troy Hunt showed in 2016 how hackers could break into Nissan Leaf via its app, gaining control of vehicle systems, including climate control.
Cybercriminals attack electric vehicles directly, usually through wifi or other wireless connections, or by hacking into infotainment systems, Daniel dos Santos, head of research at cybersecurity company Forescout, told Yahoo News.
But one particular vulnerability is attacks that target EV chargers, which have the potential to be devastating, dos Santos said.
'Electric car owners are likely to have EV chargers at home, often solar panels and sometimes battery systems to store the generated energy. All those systems are often remotely managed and therefore connected to the internet," Dos Santos told Yahoo News.
Research by Forescout in March 2025 found that attackers could take charge of solar inverters and also EV chargers from the same manufacturer.
It's possible that by controlling EV chargers, hackers would be able to either steal electricity, charge cars for electricity they had not used, or even steal private data.
"An even scarier scenario – which hasn't yet been demonstrated as far as I know – would be a sort of 'worm' that spreads when cars are connected for charging," says Dos Santos. "So that a car could get infected, then infect other charging points, which would infect other cars and so on. An attacker that managed to compromise a network of chargers through a supply chain attack could then cause some serious impact.'
Are certain brands more likely to be hacked?
Hackers at the Black Hat security conference demonstrated successful attacks against Tesla vehicles in 2016.
But there are additional concerns over the data used by some Chinese brands, particularly those which produce EVs that are cheaper to buy than brands such as Tesla and Nissan.
British defence firms have warned staff against connecting work devices to Chinese-made EVs in March 2025, in case the apps steal data, the i paper reported.
For ordinary consumers, this is unlikely to be an issue, but cheaper brands may have vulnerabilities that lead to data leaking online, for example.
James McQuiggan, security awareness advocate at KnowBe4, said: "The genuine concern isn't just remote hijacking, as it is about data privacy, app compromise, and supply chain vulnerabilities.
"EVs are essentially a large electronic ecosystem, which means they require the same level of cyber hygiene as any internet-connected device."
What can EV drivers do to stay safe?
The approach to keeping electric vehicles safe is very much the same as normal cyber safety, says Check Point's Hodes.
That means keeping software updated at all times, and being cautious about what cars are connected to.
Hodes said: "As cars become more autonomous and connected, the potential for remote attacks increases.
"The key for owners is to adopt good cybersecurity practices — keeping software updated, being cautious about what devices they connect to, and treating their car as any other connected device."
