Report highlights cyber threats to automotive industry

5. February 2024
| No comments
Report reveals cyber threats to automotive industry

Share post

Cyber ​​Threats: The 2023 VicOne Automotive Cyberthreat Landscape Report identifies the supply chain as the primary target of increasing cyberattacks on the automotive industry. This also shows a list of cyber-based trends and incidents that have threatened the automotive industry.

VicOne has unveiled its new Automotive Cyberthreat Landscape Report 2023. The comprehensive annual report on cyber threats across the automotive industry is based on data from automotive original equipment manufacturers (OEMs), suppliers and dealers worldwide and includes the following key points:

  • The indication of the growing use and monetization of automotive data - and the associated risk of exploitation by cybercriminals
  • A list of cyber-based trends and incidents that have threatened the automotive industry this year
  • Forecasts on upcoming threats and how to ensure an effective cybersecurity strategy for the next year and beyond

🔎 The connection to the Internet turns the new automobiles into a smartphone on four wheels - which you can also attack (Image: VicOne).

“In our analysis of the threat landscape, we found that automotive industry losses from cyberattacks exceeded $11 billion in the first half of the year, an unprecedented increase compared to the last two years,” VicOne said Automotive Cyberthreat Landscape Report 2023.

$11 billion lost due to cyberattacks

A closer look shows that these cyberattacks were primarily aimed at automotive suppliers, which indicates an increasing risk potential in these areas. What's alarming is that over 90% of these attacks targeted other companies in the supply chain rather than the OEMs themselves. Cybercriminal attackers often find it difficult to penetrate well-protected companies, so they instead target less vigilant companies.

The Cyberthreat Landscape Report 2023 report addresses the cybersecurity challenges associated with the increasing complexity of vehicles due to the use of improved connectivity and automation, as well as the emergence of advanced driver assistance systems (ADAS). It shows that industry losses are increasing due to cyberattacks via ransomware and the exposure of sensitive business data or personally identifiable information (PII), as well as costs associated with system failures.

Many security holes discovered

The calculations in the VicOne Automotive Cyberthreat Landscape Report 2023 are based only on the tangible costs incurred associated with damaged or blocked technology and disruption to production operations, and not on intangible costs of cyberattacks such as brand maintenance, public relations, sales and marketing expenses.

The report identifies the main security vulnerabilities that can compromise vehicle data and lists the Common Weakness Enumeration (CWE) vulnerabilities in tables. The most common vulnerabilities documented by VicOne include out-of-bounds write (OOBW), out-of-bounds read (OOBR), buffer overflow, use after free vulnerabilities, and incorrect input validations. Most vulnerabilities were found in chipsets or systems-on-chip (SoCs) circuits, followed by vulnerabilities in third-party management applications and in-vehicle infotainment (IVI) systems. Third-party providers such as logistics companies, service providers and component, accessory or parts manufacturers are increasingly being targeted by hackers.

Last year's attack patterns

The VicOne report includes case studies of some of the top attack patterns from the last year. These include the Zenbleed vulnerability, which can lead to the leakage of sensitive data at a remarkably high speed of 30 kB/s per computer core, the so-called CAN bus injection, which has become a popular technique among vehicle thieves, and Penetrating the backend cloud infrastructure by exploiting vulnerabilities in telematics systems and application programming interfaces (API).

Directly to the PDF report at VicOne.com

 

About VicOne

With a vision to secure the vehicles of tomorrow, VicOne offers a broad portfolio of cybersecurity software and services for the automotive industry. VicOne's solutions are specifically designed to meet the stringent requirements of automotive manufacturers and are designed to meet the specific needs of modern vehicles.

 

Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more

Data encryption: More security on cloud platforms

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud ➡ Read more

PR News
, , , , ,