Cybersecurity in the Automotive Industry

Key Takeaways

• Definition of Automotive Cybersecurity: Protection against an attack on technological resources, information systems, and car data. It means safeguarding information systems from illegitimate access or change.

• What's next for the automotive cybersecurity market? In 2025, the automotive cybersecurity landscape will be even more complex as threats expand to include EV charging networks and dealerships. With increasingly big-scale attacks, the industry is turning to AI to identify threats earlier and respond automatically. The future of mobility defense will be defined by proactive, AI-driven strategies.(Upstream Global Automotive Cybersecurity Report,2025)

Introduction to Automotive Cybersecurity

Can you ever imagine how exciting and at the same time frightening it is to wake up every morning to new developments? Technology should make life simple for us but also poses threats.

Way back in 2015, security researchers Charlie Miller and Chris Valasek used quite an interesting trick:they tried to access a Jeep Cherokee remotely, connect the infotainment system and seize the control of safety-critical functions like the brakes and steering. The attack really shed light on some serious cybersecurity exposures in modern cars and highlighted weaknesses in the software supply chain. As a response, Fiat Chrysler had to recall a record 1.4 million vehicles,which was one of the largest cybersecurity recall ever. The call triggered the automotive industry and regulators to place more emphasis on cybersecurity and, as a result, standards like ISO/SAE 21434 and UNECE WP.29 followed that highlight safe software development and risk management throughout the life cycle of a vehicle. 

As cars become more reliant on software and the software ecosystem more complex, the cyber threat landscape continues to evolve. Now all of us know that robust security and safety controls are more critical than ever.

The question is this: as cars get smarter through technology, does the likelihood of getting hurt from one also rise? It is very much so, and here is why.

EC-Council (International Council of E-Commerce Consultants) Courses

Explore Courses

Development of Automotive Technology and the Current State

There is an impressive reconstruction that is taking place within the automobile industry. The characteristics identified with modern automobiles include an internet connection and many communication capacities. This sophistication causes heavily software-based, network-oriented, and communication technologies in vehicles, hence the need for updated approaches.

The EU has set a 100 % reduction in CO₂ emissions for new cars and vans from 2035, meaning only zero-emission models can be newly registered from that year onward, this does not ban petrol or diesel vehicles that are already on the road. Intermediate emission reduction targets are 55 % for cars and 50 % for vans by 2030.((Regulation (EU) 2023/851)

The EU has also updated its General Safety Regulation, which took effect on 6 July 2022. It created the legal framework for approving automated driving systems in Europe.(Implementing Regulation (EU) 2022/1426)

In addition, under UNECE Regulations R155/R156, a Cyber-Security Management System (CSMS) has been mandatory for new vehicle type approvals since 6 July 2022, and it is mandatory for all new vehicles since 7 July 2024. (consolidated Reg. (EU) 2019/2144, Annex II, item D4 and note B and confirmed by UNECE)

Let's look at the in-depth technological metamorphosis in the automotive industry and the new technologies that come with it.

1- Connected Cars

These vehicles communicate with other devices, and features including real-time navigation, traffic updates, remote diagnostics, and emergency calls are all part of a connected car. Connected cars ensure safe driving and smooth running for an advanced driving experience through smartphone integration.

2- Autonomous Vehicles

An autonomous vehicle is a self-driving car without any kind of human input needed for its movement. This is a vehicle that can go without human intervention through hardware and software that automatically controls its mechanisms.

These autonomous vehicles staging into our lives through the development of technology, artificial intelligence, the idea of the Internet of Things, and engineering. They use advanced technologies through the technical infrastructure of the radar, lidar, odometry, GPS, and computer visions for object detections from outside, without the help of human operators.

Featured Source:

AI Workforce Revolution: The Augmented Future

Yes, autonomous vehicles have their very own levels. They have six different levels from no automation to full automation. It is important to note that to date, we are still very far from having full autonomous (Level 5) vehicles on the road.

3- Driver Assistance Technologies

Driver assistance systems come in many forms and with varying depths of functionality but have the main aim of making driving safe and comfortable.

This, of course, helps avoid serious accidents and reduce the fatality rate through the deployment of advanced driver assistance technologies, including automatic emergency braking systems and lane-keeping systems.

The Importance of Automotive Cybersecurity

According to the 2025 Upstream Global Automotive Cybersecurity Report automotive cybersecurity is becoming more important.As cars get more connected and rely on software, they can be updated throughout their lives. This allows for new revenue from on-demand services and better customer experiences driven by data.

But, as more cars get connected, cybersecurity problems grow. OEMs and their supply chains need new ways to protect against more frequent and complex cyber attacks. Upstream's research shows that the number of incidents with a high-massive impact (affecting thousands to millions of mobility assets) continued to increase between 2023 and 2024, accounting for over 60% of all incidents. Most of these attacks (92%) were done remotely, and 65% were executed by black hat actors.

APIs have a central role in providing car features both companies and drivers can benefit from. The more features available using APIs, the higher the risk of cybersecurity attacks. The economic impact of attacks decreased, and it became much simpler for hackers to execute attacks, leading to a huge increase in the size and number of such attacks.

Automotive security not only protects the vehicle from potential threats but also protects customer safety and maintains the brand image.

Featured Resource:

What is Cybersecurity? | Types and Threats Defined

What is Car Cybersecurity?

As the number of electronic components in vehicles is steadily increasing, there are more functions supported by electronic control units. In some cases, whole functions are entirely taken over by electronic systems, such as the Connected Cars or Autonomous Vehicles explained above.

Therefore, automotive cybersecurity can be conceptually defined as maintaining the confidentiality, integrity, and availability of the technological resources of IT systems and the connected infrastructures of cars. At the same time, it also implies the prevention, detection and reaction to any cyber-attacks and the protection of the sensitive data related to the driver and other connected car users.

iSAQB® WEBSEC   Training

Visit Course

Common Security Attacks on Automotive Systems

The 2025 Global Automotive Cybersecurity Report talks about the big security issues that cyber attacks bring to vehicles and the entire car industry. These attacks fall into two main types.

1- Remote Attacks:

Remote attacks use connectivity channels such as Wi-Fi, Bluetooth, APIs, and cellular networks (3G, 4G, 5G). According to the report, 92% of all incidents in 2024 were remote, most of them long-range.

• API-Based Attacks: APIs are now a prime entry point, giving attackers a way to access software functions remotely.

• Ransomware: 2024 was called “the year of ransomware”, as large-scale ransomware and data exfiltration incidents surged across the industry.

2- Physical Attacks:

Although less common, physical access to a vehicle can enable attacks:

• OBD (On-Board Diagnostics) Exploits: Direct access to the OBD port can allow control over key systems.

• Hardware Manipulation: Tampering with sensors, ECUs, or other hardware to override safety or security mechanisms.

The report also notes the impact: in 2024, privacy breaches were the most common outcome (60%), followed by fraud-related incidents (19%), underlining how both individuals and organizations are at risk .

Examples of Cybersecurity Threats in the Automotive Industry

Ransomware Attack on Japanese OEM’s US Division (February 2024)

Cause:

In February 2024, the US division of a Japanese OEM was hit by a ransomware attack. Weaknesses in the company’s IT infrastructure and insufficient protection of backend systems allowed attackers to infiltrate and exfiltrate data.

Result:
The attack led to the theft of 22 GB of sensitive vehicle and customer information. This breach not only compromised personal data but also created reputational damage for the OEM and highlighted vulnerabilities in backend data management.

Preventive Measures:

• Data Protection: Strong encryption must be applied to customer and vehicle data at rest and in transit.

• Zero-Trust Architecture: Access to backend systems should follow strict zero-trust policies with continuous verification.

• Monitoring and Response: Security teams should monitor for unusual data flows and react quickly to suspicious activity.

• Vendor Audits: Third-party IT providers must undergo regular cybersecurity compliance checks.

Large-Scale Ransomware Attack on South Korean Supplier (August 2024)

Cause:
A South Korean Tier-1 automotive supplier fell victim to a ransomware attack in August 2024. Attackers exploited vulnerable entry points in the company’s IT infrastructure and took advantage of poor patch management.

Result:
The incident resulted in 2.3 TB of company data being compromised, including sensitive business information that could affect OEM partners and the wider supply chain. The breach highlighted how suppliers remain a weak link in the global automotive cybersecurity chain.

Preventive Measures:

• Patch Management: All systems must be kept up to date with the latest security patches.

• Network Segmentation: Supplier networks should be separated from production-critical systems to limit exposure.

• Incident Response: Establish and rehearse incident response plans to minimize operational downtime.

• Supply Chain Security: OEMs should enforce strict cybersecurity standards on suppliers and require regular compliance verification.

Challenges and Measures in Automotive Cybersecurity

Challenges & Potential Risks

The report shows that the shift toward connected, software-defined, and autonomous vehicles brings new cybersecurity issues:

• API Exploits: Increased reliance on APIs exposes vehicles and backend systems to remote attacks.

• Ransomware Surge: 2024 was called “the year of ransomware” with 108 mobility-specific ransomware attacks disrupting OEMs and suppliers.

• Data Breaches: 214 breaches were recorded in 2024, many involving theft of customer PII and sensitive company data.

• Backend Vulnerabilities: Attacks on telematics servers and mobility platforms can compromise entire fleets without touching the vehicles directly.

• Supply Chain Weaknesses: Tier-1 and Tier-2 suppliers are frequent targets, creating cascading risks across the industry.

Measures: Automotive Cybersecurity Best Practices

The report underlines several best practices that stakeholders should adopt

• Zero-Trust Architecture: Enforce strict identity checks for all users, apps, and devices.

• Regular Patch & Update Cycles: Continuously apply updates to vehicle software, backend systems, and supplier networks.

• Network Segmentation: Separate critical vehicle systems from non-critical IT to limit attack spread.

• Threat Intelligence & Monitoring: Deploy vehicle-specific SOCs (vSOCs) and monitor APIs, telematics, and mobility data for anomalies.

• Supply Chain Security: Require cybersecurity standards, audits, and compliance checks for all partners.

• Incident Response & Backup: Prepare for ransomware and data breaches with rehearsed response plans and secure offline backups.

Importance of Vehicle Cyber Security Standards

The automotive industry takes notice of the issue of cybersecurity. That is based on rapid digitalization and the level to which the industry is moving toward embracing technologies, all pointing to the aspect of vehicle connectivity. Therefore, it is imperative that automotive brands embrace recent standards in cybersecurity to guarantee safety and the integrity of vehicles.

ISO/SAE 21434 Standard:

This standard provides global guidelines for car cybersecurity. It covers everything from managing risks and production to operation, product development, maintenance, and even decommissioning. Basically, it makes sure that every stage of a vehicle’s life is secure.

This standard provides global guidelines for car cybersecurity. It emphasizes calculating asset risk, prioritizing vulnerabilities, and embedding cybersecurity engineering requirements  from managing risks and production to operation, product development, maintenance, and even decommissioning. Basically, it makes sure that every stage of a vehicle’s life is secure.

WP.29 Regulations:

The WP.29 Regulations, adopted by the United Nations in 2020, are a set of rules designed to enhance vehicle security from the initial design phase through to operation. These regulations, specifically Regulation No. 155 (R155), are revolutionizing automobile cybersecurity in 54 countries. Starting in July 2024, R155 will mandate that all new cars comply with its requirements. The regulation focuses on maintaining high security throughout a vehicle's life by including measures for detecting and responding to incidents, and ensuring secure software updates. 

European Union’s Approach:

In fact, the EU is a strong supporter of cooperative, connected, and automated mobility facilitated through programs like Horizon 2020. They also embrace vehicle cybersecurity by proposing the Cyber Resilience Act, making cybersecurity a prerequisite in digital goods and services throughout their life cycle, protecting new vehicles from cyber threats.

This leads to robust cybersecurity practices in the automotive industry, with our vehicles as secure and safe as they can be in this connected world.

Conclusion

In short, security is the most critical challenge for networked cars in relation to safeguarding them against cyber attack threats. It is what keeps the radio of your car goes blaring at top volume, the windshield wipers turn on, and the car begins slowing down ,when you didn't even touch it. In its fight against the problem, the automotive industry is developing advanced technologies, supported actively by experts in the field, as well as adopting and establishing strong security systems. Importantly, cyber-defense needs to be strengthened to make connected automobiles constantly secure.