Car hackers discover vulnerabilities that could let them hijack millions of vehicles

The vulnerabilities could let attackers remotely track, stop or control a car — even an entire fleet of emergency vehicles. Another could give hackers access to some 15.5 million automobiles, allowing them to send commands to control braking systems.

In total, a group of ethical car hackers discovered at least 20 vulnerabilities within the application programming interfaces, or APIs, that automakers rely on so technology inside cars can interact. The vulnerabilities affected Ford, Toyota, Mercedes, BMW, Porsche, Ferrari and others.

The findings underscore the security risks for consumers and automakers alike as car manufacturers continue to increase the amount of software in vehicles and provide owners with apps to connect with their cars. It also shows that while automakers have done more to focus on cybersecurity, much remains to be done.