Main Cybersecurity Threats in the Automotive Industry

The automotive industry is embracing rapidly advancing technology, transforming vehicles from mere mechanical devices into specialized computers that control the entire mechanics and electrical system of a car. Connecting them to the internet introduces certain threats. Can we consider the automotive industry safe online? Why do hackers focus their efforts on it? What are the main cybersecurity threats in the automotive industry that the management should pay attention to? You will find out from our article.

Is the automotive industry safe online?

In December 2021, several car manufacturers fell victim to a cyberattack. Volvo admitted that hackers stole the company's research and development data.

In February 2022, Toyota temporarily halted operations at all its Japanese factories for a few days. This decision was made after a cyberattack on Kojima Industries, a parts manufacturer and Toyota's partner. It affected the production of around 10,000 vehicles, accounting for 5% of the company's monthly production in Japan.

In 2017, Honda, Nissan, and Renault (KPMG) were attacked by the WannaCry virus. Honda temporarily closed production plants when it was discovered that corporate networks in Japan, America, Europe, and China were infected, resulting in significant financial losses.

Fiat Chrysler had to recall 1.4 million vehicles as legally operating hackers successfully infiltrated a test drive vehicle. They remotely changed the settings of wipers, air conditioning, and the radio.

Chinese hackers found a way to hack a Tesla. They placed small stickers at an intersection and convinced the autopilot that they were surface damage. This led the car to the wrong lane.

At the UN Digital Summit (IGF 2021) in Katowice, experts concluded that the cybersecurity of future autonomous vehicles is poorly defined. There is still a lack of appropriate standards or regulations.

These are just a few examples showing that the automotive industry is not as safe online as it may seem. Even major corporations investing heavily in cybersecurity must consider the likelihood of a cyberattack that could disrupt the company's operations for an extended period.

Why is the automotive industry attractive to hackers?

The number of both autonomous and network-connected vehicles continues to rise. Installing the Internet of Things (IoT) in vehicles significantly enhances driving comfort and travel safety. However, continuous technological development also brings certain threats.

Modern cars are now computers filled with electronics and network-dependent solutions. According to KPMG analysts, premium-class cars contain about 150 million lines of digital software code. Surprisingly, this is 12 times more than, for example, a fighter jet like the F-35 or the passenger Boeing 787. And this is just the beginning. McKinsey experts predict that by 2030, the number of codes will increase to 300 million, placing cars among the most complex machines globally. Hackers are unlikely to miss such an opportunity.

In the automotive industry, we deal with a multi-stage, complex production process. Technical vulnerabilities can appear at each stage of the product life cycle, serving as a gateway for hackers. The automotive industry should prepare well for increased cybersecurity threats and various malicious activities. Cars are now a vast repository of valuable data connected to the internet, offering hackers an opportunity to gain access.

Breaking into a car is facilitated by the fact that comfort-driving operating systems, such as the ability to make calls, air conditioning, and audio equipment, are paired with personal smartphones. Unfortunately, these phones often lack sufficient security, making them easily accessible.

Vehicle hacking is driven not only by financial motivation, such as obtaining data for sale or demanding ransom in exchange for decrypting files. Such actions can be a way for a hacker to gain temporary fame. Breaking into car systems is often part of the activities of state entities in political power struggles. Amid all this, we must not forget about user safety—cybercriminals, regardless of their motivations, manipulating vehicle options, can pose a real threat to the life of the driver and other innocent individuals.

What cyber threats does the automotive industry need to prepare for?

Operating in the automotive industry, cybersecurity cannot be treated as a secondary matter. This issue must be among the priorities, requiring a dedicated budget for improving security. Unfortunately, some situations are unavoidable.

Navigation and alarm systems are particularly vulnerable as viruses can easily infiltrate them. Hackers also target vehicle immobilizers. Oscar Ramos-Lopez gained notoriety for hacking into the immobilizer management system at Texas Auto Center, immobilizing over a hundred cars. On another occasion, he activated alarms en masse for an entire night.

Cybercriminals also like to attack internal communication systems in cars, affecting functions such as backup camera settings, steering assistance, and mirror settings during reverse maneuvers. This poses a significant threat on the road.

Hackers often employ brute force attacks, a technique for breaking passwords by trying all possible combinations. Criminals have software at their disposal that generates new options based on available algorithms. Depending on the password's complexity, it can be cracked in a matter of months, weeks, or even days.

Like in many other industries, phishing is also highly effective here. It's a cunning method of obtaining login credentials. Hackers, impersonating another entity, trick users into clicking on a link or opening an attachment with malicious software. Just one person failing to recognize the scam is enough for malware to appear on the company's computer.

The management in the automotive industry must also be prepared for potential ransomware attacks. After infiltrating IT systems, hackers encrypt all available data, leading to the company's paralysis and disruption of continuity. Moreover, the company faces a significant dilemma of whether to pay a hefty ransom in exchange for restoring data access.

Part of the problems may stem from the lack of uniform legal norms and regulations. For example, who is responsible for a faulty component that facilitates hackers' work? Should the manufacturer be held accountable for the behavior of a component it didn't produce but obtained from another source? In the industry, human factors are often blamed for accidents, protecting the manufacturer or data component supplier.

A significant threat to vehicle safety may come from the users themselves, who are unaware of lurking dangers. Simply connecting a poorly secured mobile device to the car can pose a risk.

Remember that hackers can be extremely inventive in their actions, often surprising with unconventional solutions. They may conduct attacks in ways few would expect.

""With the dynamic development of the 'connected cars' concept, automotive companies accumulate vast amounts of valuable personal data, mainly related to a driver's location and driving characteristics. These also include activities of connected devices, such as made connections, messages, and phone numbers, which is very concerning for conscious car users. This situation provides a wide range of opportunities for criminals who can steal data without physical contact with the vehicle by intercepting signals and connections, and then use the gathered information for phishing frauds based on email, SMS, or even direct contact, posing as a car service." - says Bartosz Kozłowski, security expert at Sagenso.

If you want to ensure the security of data in your company, conduct a free cybersecurity audit on your own. We also encourage you to visit our fan page or LinkedIn profile, where we share useful tips.

See you!