Today’s vehicles have evolved into highly interconnected cyber-physical systems, combining mobile apps, backend infrastructure, over-the-air (OTA) update mechanisms, and AI-powered decision-making. This growing integration has significantly expanded the potential attack surface, introducing security risks that traditional IT frameworks were not designed to address. As a result, vulnerabilities are increasingly surfacing across the entire automotive ecosystem.
"Unlike a traditional IT system, like a mail server or your home network, the worst case scenario involves things like safety implications or real-world operational disruptions like closing down a road or being able to cause damage to the environment," said Kamel Ghali, vice president at Car Hacking Village.
With the shift toward software-defined vehicles and reliance on OTA updates, cars are beginning to inherit many of the same security weaknesses seen in conventional IT systems. At the same time, the integration of artificial intelligence introduces new concerns, as these models—now responsible for safety-critical decisions—must be safeguarded against manipulation or external interference, Ghali noted.
During a video interview with Information Security Media Group at the RSAC Conference 2026, Ghali further highlighted several key developments. He explained that the automotive supply chain is increasingly investing in cryptographically secure processors to gain a competitive edge.
He also pointed out that threat modeling in the automotive sector is expanding beyond traditional IT considerations to address safety, operational continuity, and environmental impact. Additionally, he emphasized that maintaining supply chain integrity will likely emerge as the most significant long-term cybersecurity challenge for the automotive industry.
Ghali brings over seven years of expertise in automotive cybersecurity, specializing in ethical hacking, penetration testing, training, and product security. He is an active contributor to the global cybersecurity community, leads outreach initiatives for the DEF CON Car Hacking Village, and plays a key role in raising awareness about vehicle security risks.
