Preparing the Automotive Industry to Face Threats Head On

RAFI SPIEWAK

Content Marketing Manager

February 14, 2022

For four consecutive years, Upstream’s analysts have compiled a Global Automotive Cybersecurity Report to inform all stakeholders of threats in the rapidly digitizing automotive industry. Tracking the latest developments allowed them to connect the dots between a rapidly evolving threat landscape, regulatory compliance, and cybersecurity solutions.

The findings this year were unlike any other we’ve seen before. They include highly sophisticated attacks being implemented by hackers who had access to relatively inexpensive hardware. This hardware, combined with knowledge obtained online, saw record thefts and cyber attacks that are catching the attention of anyone who’s involved in the automotive field.

From the 900+ automotive cyber incidents that were analyzed for this report, it’s clear that OEMs, Tier-1, and Tier-2 suppliers have much to face as they move their cars towards greater autonomy and V2X infrastructure.

 

A year without precedent for cyberattacks

2021 was a watershed year in the automotive industry.

The number of connected vehicles has been rising exponentially since 2018, with a whopping 775 million connected vehicles expected to be on the roads by 2023. Not surprisingly, the increased prevalence of connected vehicle components, mobility applications, and the expansion of connected fleets has led to a dramatic rise in the number of automotive-related cyber attacks. To give an idea of the scope of the attack terrain, there were only 30 automotive-related CVEs in 2020, but in 2021 the number of automotive-related CVEs skyrocketed to 133.

The autonomous vehicle trend that hastened the vehicles being connected to any number of devices and servers for various purposes is proving to be something of a double-edged sword. It’s increasingly difficult, if not impossible, to avoid expanding the attack terrain while proliferating and implementing new technologies.

For instance:

  • In 2021, over 80% of automotive cyber incidents were carried out remotely.
  • Key fobs, designed to offer security and superior personalization to passengers, have become one of the most popular targets for cybercriminals, who can swiftly reprogram new ones, allowing them to steal a car in 30 seconds.
  • Insightful data communication mediums are being manipulated to crack open vast tracts of data from individual users or entire companies.
  • Remote attacks increased in their sophistication, as well as in their ability to overcome state-of-the-art defenses without making a single modification to hardware.

The result of these attacks are seismic losses in revenues, with the automotive industry predicted to lose over 500 billion dollars in revenues to cybercrime by 2024.

In light of these striking developments, 2021’s automotive stakeholders arrived at the central question upon which the fate of the entire industry hangs: What can we do to safeguard passengers and the industry’s interests as we increase our offerings through experience-enhancing devices and services?

Global cybersecurity standards: Compliance for building resilience

With connected vehicles producing 25GB of data every hour, the opportunities for digital tampering and theft have never been higher. The urgent and global need for automotive cybersecurity has posed a unique challenge for intergovernmental organizations and individual governments.

These regulations are discussed at length in the Global Cybersecurity Report, including the UNECE and ISO/SAE regulations that require OEMs to take greater responsibility for the cybersecurity practices of their suppliers.

The UNECE’s WP.29 R155 and R156 regulations broadly represent the shift in the cybersecurity paradigm for the automotive industry, demanding that traditional single-product, single-release security measures be replaced by comprehensive Cybersecurity Management Systems (CSMS) that cover the entire lifecycle of a vehicle, from development to post-production.

Solutions for 2022: Standing up to the complex threat terrain

Along with laying out today’s threat landscape, the 2022 Global Automotive Cybersecurity Report also dives into what companies can do to secure their assets, protect vehicle owners, and comply with various global regulations and standards.

Drawn from 900+ industry-related incidents, the cybersecurity report offers a comprehensive view of the challenges OEM, Tier-1, and Tier-2 manufacturers face in confronting the threats that are increasing daily in their sophistication and number. Our report demonstrates the growing difficulty of combating vulnerabilities as vehicles are hooked up to a virtually endless number of connectivity touchpoints.

Addressing the challenges of an ever-changing perimeter first demands that modern threats and their impacts are understood. Download a free copy of the Global Annual Cybersecurity Report to identify the latest trends including attack vectors, technologies, and community practices that stand to exploit vulnerabilities that exist throughout the automotive industry.

Upstream's 2022 Global Automotive Cybersecurity Report

Download Report
Newsletter Icon

The 2025 Global Automotive & Smart Mobility Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Agentic AI in Action – How Service-as-a-Software Is Reinventing Automotive Cybersecurity Operations

In my previous post, I explored the paradigm shift brought on by service-as-a-software and agentic AI – and what it means for the future of…

Read more

From Services to Software – What the Agentic AI Economy Means for Automotive Cybersecurity

We are at the dawn of a new era in software and service delivery – one where the traditional boundaries between human expertise and digital…

Read more

Securing the Future of Agriculture: The Role of AI-Powered Cybersecurity in Protecting Connected Farming Ecosystems

This blog is the second in a series exploring the impact of technology on modern agriculture.  As agriculture undergoes a digital transformation, the integration of…

Read more

The Future of Agriculture: How Connected and Autonomous Technologies Are Transforming Farming

The agricultural industry is undergoing a technological revolution, driven by advancements in autonomous machinery, connected IoT devices, and AI-driven analytics. These innovations are helping farmers…

Read more
Skip to content