A new study shows that the automotive industry and suppliers are particularly often affected by cyber incidents. Trend Micro has examined the cyber attacks and evaluated the data: it shows 50 significant security incidents between 2021 and 2022.
Trend Micro publishes a new study on automotive cybersecurity. The analysis of more than 50 significant security incidents between January 2021 and June 2022 shows: All areas along the production and supply chain are affected. Suppliers are particularly at risk. Ransomware attacks and data theft are the most common. The Japanese IT security specialist also identifies high-risk areas of networked cars and makes security forecasts for 2023.
Rapid development forces security gaps
The automotive industry is under pressure to master the transformation to electromobility. Due to the energy crisis, the development has picked up speed. More and more electric cars are coming onto the streets. However, the changes in the industry also increase the risk of security vulnerabilities that can be dangerous for manufacturers, suppliers and customers. Cyber criminals exploit vulnerabilities along the entire production and supply chain. According to the study by VicOne, Trend Micro's subsidiary specializing in automotive cybersecurity, suppliers are most often affected: They were involved in 67 percent of the incidents investigated.
Smaller suppliers in particular are often less well protected against cyber attacks and take longer to recover. This leads to production delays and failures. The greatest risk is currently ransomware attacks. During the study period, 43 companies from the automotive industry were victims of such attacks. Malware from the Conti family was used most frequently. There were also nine data incidents. In particular, customer information (41,7 percent) and sensitive company information (16,7 percent) were stolen.
Three high-risk areas
In the context of connected vehicles, Trend Micro has also identified three high-risk areas that are particularly vulnerable to cyberattacks. Manufacturers should have these on their agenda:
Charging stations for e-cars
Charging stations and battery management systems can easily become targets for hackers. Electric cars typically use lithium polymer batteries and require extensive intelligent controls to work well. Compared to a conventional car, an electric vehicle has more sensors and uses more communication protocols. Security gaps can arise, especially when exchanging data with the charging station.
Cloud APIs (Application Programming Interfaces)
Most cars today have integrated SIMs (eSIMS) through which they communicate with a backend cloud server. This enables applications, for example, to lock and unlock the vehicle remotely or to exchange traffic data with other participants. A cloud API is an important part of the network architecture and must be well secured. In the automotive industry, vehicle-specific cloud APIs are used, which can have vulnerabilities.
Remote Keyless Entry (RKE) systems
RKE makes it possible to unlock a car and start the engine without having to put a physical key in the lock. A radio frequency (RF) signal is usually used. There are numerous vulnerabilities in such RKE systems that attackers can easily exploit to steal the vehicle. Although these vulnerabilities have been known for a long time, they have not yet been completely closed.
Security forecasts 2023
In addition to the three high-risk areas, the study identifies several security trends that security managers in the automotive industry should pay particular attention to in 2023:
- Ransomware will continue to impact the automotive supply chain.
- Vulnerabilities in open source software components used in vehicle development are a growing risk.
- Over-the-air attacks such as replay, relay, jamming, and man-in-the-middle are on the rise.
- In-vehicle infotainment and telematics control (IVI/TCU) systems are infected with malware.
- Because chip-level design is often insecure, vulnerabilities and attacks will increase.
- Cyber criminals will exploit OTA (Over the Air) data transmission to compromise data flow or inject malicious code in software updates.
- Attackers can bypass the digital locks that manufacturers equip vehicles with.
"In 2022 we observed numerous cyber attacks in the automotive industry - both on the supply chain and on connected vehicles," says Udo Schneider, IoT Security Evangelist Europe at Trend Micro. “In 2023, the risk of cyber incidents will continue to increase, as hackers find a growing attack surface and attractive targets here. Many of the threats can be averted by using techniques and security best practices that have been proven in other areas.”
More at TrendMicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.