Imagine the scene. It's a cold Monday morning in Moscow. You walk out to your car, coffee in hand, ready to face the day. You press the button to unlock your car, and ... nothing happens. You try again. Still nothing. The alarm starts blaring. You can't turn it off.
Welcome to Monday 26 January, 2026, and the chaos that was caused by a cyberattack on Delate - a Russian company that provides smart alarm systems for homes, businesses, and cars.
Frustrated car owners across the country reported being unable to unlock their vehicles, while others managed to get inside but found their engines refusing to start.
And then there were some particularly unfortunate individuals who reported that their car engines actually jammed while they were driving.
And to make matters worse? Delta's phone lines were down, and its website had vanished. Good luck to anyone hoping for technical support.
Russian news outlet Baza reported on Telegram that affected users were being told they would need to have their vehicles reprogrammed at a dealership to restore normal functionality. Quite how you were supposed to get your bricked car to a dealership wasn't explained.
When Delta itself eventually surfaced, again on Telegram (presumably having found it hard to communicate via its own servers), it confirmed that it had been hit by what it described as a "large-scale external attack" on its infrastructure.
The company said that there were "currently no signs" of personal data being stolen. However, seeing as the state of its IT infrastructure was in such a sorry state that it had to resort to communicating via Telegram, one wonders just how well it had been able to investigate the incident.
At the time of writing, no hacking group has claimed responsibility for the attack, and no details have been shared as to its nature with suspicions ranging from a relatively simple distributed denial-of-service (DDoS) attack to an infestation of wiper malware or ransomware.
There is clearly potential for more harm than just to brick vehicle alarm systems. Launched in 2020, the Delta app not only connects to car alarm systems, but also tracks vehicle locations and appears to store payment data. If a determined hacker had managed to compromise Delta's systems and software infrastructure, highly sensitive customer information could have been compromised.
If the story of cars being bricked in Russia is giving you a sense of déjà vu, it may be that you are thinking of the incident from late last year, where hundreds of Porsche owners found their cars had been immobilized.
In that incident, the problem was traced to a loss of satellite connectivity to the cars' Vehicle Tracking Systems (VTS).
Both incidents highlight an uncomfortable truth about the security of connected vehicles - the very systems designed to protect your vehicle from thieves can prevent you from accessing it too.
Security-critical components need to be designed with the assumption that remote systems will fail at some point, whether due to accident or malicious attack. Having a graceful fallback that does not leave drivers stranded would be a good start.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor and do not necessarily reflect those of Fortra.
Cybersecurity for Your Industry
Your industry is unique. Your cybersecurity stack should be, too. Fortra® offers cybersecurity solutions to meet the challenges and compliance requirements of industries around the world.
