Centre orders automakers to audit connected cars, EV software amid cybersecurity concerns | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


The Centre has asked automobile manufacturers and auto component makers to conduct a comprehensive audit of the software and electronic systems used in connected vehicles and electric vehicles (EVs), including commercial vehicles, amid growing cybersecurity concerns, Business Standard reported.

The Ministry of Heavy Industries has issued the advisory to the Society of Indian Automobile Manufacturers (SIAM) and the Automotive Component Manufacturers Association of India (ACMA). While companies have been urged to review their cybersecurity systems, no deadline has been specified for completing the audit.

The move comes days after the government directed Apple and Google to remove three mobile applications, BAT-BMS, Lossigy and Epoch-i-ion, from their app stores after they were allegedly used to remotely disable electric vehicles by exploiting battery management system vulnerabilities.

According to Business Standard, manufacturers have been asked to review battery communication interfaces, remove weak authentication methods and unsecured default settings, and secure over-the-air (OTA) software update pathways to reduce cyber risks.

The advisory also asks automakers to work with the ministries of road transport and highways, and electronics and information technology to strengthen cybersecurity measures during manufacturing. It describes the recent incidents as a critical security issue requiring coordinated action across the automotive industry.

The government’s primary concern is connected vehicles, where internet-enabled features and remote access capabilities are becoming increasingly common.

The three apps removed from Apple’s App Store and Google’s Play Store are designed to monitor battery information such as charge levels, temperature and battery health. However, videos shared on social media allegedly showed users exploiting the apps to access battery management systems through Bluetooth and remotely disable electric vehicles.

The report said vehicles using low-cost lithium battery packs with factory default settings, weak passwords or no Bluetooth authentication could be vulnerable. In such cases, a person within 10 to 15 metres could connect to the battery management system and disable the vehicle’s discharge function, causing it to lose power.

According to the report, the government believes removing the apps addresses only the immediate threat, while the underlying vulnerabilities in battery communication systems still need to be fixed.

Follow Storyboard18 on Google for the latest and breaking brand makers and industry updates, along with in-depth coverage of digital media and brand marketing. Stay informed with the latest perspectives only on Storyboard18.

First Published on July 8, 2026, 09:07:05 IST

——————————————————-


Click Here For The Original Source.

National Cyber Security

FREE
VIEW