Auto Tech Detroit 2024 highlighted the pressing issue of cybersecurity in the automotive ecosystem. Recorded live during the event, John Heinlein, CMO of Sonatus, had a chat with Upstream’s Jason Masker to take a deeper dive into the evolving threat landscape and the necessary steps to mitigate these risks.
The Automotive cyber inflection points: key insights from Upstream’s 2024 Automotive Cybersecurity Report
Upstream has been at the forefront of cybersecurity for mobility and has been covering the cyber landscape across the Automotive & Smart Mobility ecosystem with extensive annual reports. In its latest report, three key insights stood out:
- Rising scale of threats: 50% of reported incidents now have the potential to impact numerous vehicles, often reaching thousands and even millions, representing a significant increase from 20% in previous years.
- Remote attacks dominate: 95% of incidents are carried out remotely, with 85% possessing extreme remote capabilities.
- Increased black hat activity: 64% of incidents involve black hat hackers, with a 150% rise in deep and dark web activity related to vehicle hacking.
These findings underscore the accelerating nature of cyber threats in the automotive industry.
OEMs’ journey to SDV requires cyber resilience and compliance
The cyber readiness of OEMs varies widely, regardless of their size or fleet. Developing robust cybersecurity capabilities is crucial. Compliance with cybersecurity requirements also varies, with regions like the EU being more regulation-driven, while the US is more incident-driven. Awareness of the financial and reputational risks associated with cybersecurity is increasing.
SDVs offer significant opportunities to enhance cybersecurity. Their ability to produce and analyze better data and their upgradability allow for quicker threat detection and mitigation. Developing nimble capabilities in both the cloud and on vehicles is essential.
With over 25 million monitored connected vehicles and IoT devices worldwide, Upstream has identified and mitigated various threats, including misuse of APIs, attempts to control multiple vehicles, and insider threats. Understanding attacker methods is essential for effective defense.
Auto Tech Detroit 2024 emphasized the growing importance of cybersecurity in the automotive industry. As threats evolve, so must the industry’s approach to mitigating them. Advanced analytics, real-time monitoring, and robust organizational capabilities are key to navigating these challenges effectively.