There was a startling and sharp increase in cyber threats within the automotive industry in 2024. Despite regulatory scrutiny, cybercriminals are evolving faster than the industry can respond, increasing the gap between regulatory measures and the skills of hackers.
According to a report from Upstream, in 2024, cybersecurity incidents surged to 409, which is up from 295 in 2023. The report highlighted that the rising number of ransomware cyberattacks is one of the most significant contributing factors. Ransomware attacks are some of the most disruptive and costly, causing a substantial disruption to business operations and the loss of critical information and data.
Over 60% of the events affected thousands of millions of assets including automobiles, charging stations, and apps. Massive-scale attacks affecting millions of vehicles jumped from 5% to 19% in a year.
A further breakdown of the findings revealed that data and privacy breaches accounted for 59% of the cybersecurity incidents; 55% disrupted service and business operations; 23% affected car systems; and 21% were frauds. Often, the telematics systems and applications servers served as the primary entry points for cybercriminals where they could disable owner’s control of their vehicles, turn off location tracking, and make it easier to break into the car.
Additionally, 92% of the attacks were executed remotely, of which 84% were long-range. 76% of black hat activities targeted multiple stakeholders and had an extensive global reach.
The sharp increase in cyberattacks and the widening cybersecurity gap in the automotive industry is alarming. Just last year, the industry witnessed the devastating and far-reaching impact that these attacks can have when a ransomware attack targeted CDK Global, causing a three-week disruption to over 15,000 dealerships across the U.S.
The shocking data reveals that cyber threats are evolving faster than the industry is prepared to handle. Hackers now leverage AI to orchestrate large-scale attacks targeting vehicles, interconnected systems, and various mobility applications. As the attacks continue to happen more frequently, automakers and tech firms must adapt and work quickly to strengthen digital defenses and mitigate risks.
