Top Automotive Cyberattacks in 2021 & 2022

With each passing year, cybercrime becomes more sophisticated, far-reaching, and relentless. Cybercrime was estimated to inflict damages totaling $6 trillion USD globally in 2021, but by 2025, this figure is projected to reach up to $10.5 trillion USD annually by 2025, a 15% increase per year over the next few years.

Criminals target critical infrastructures at the Edge and IoT because of their vulnerabilities, many of which have landed big headline stories thanks to the severe impact they’ve had on businesses and abused consumers. No industry is spared, and such is the example of the automotive industry, which has seen cyberattacks increase by 225% in the last three years.

Cyberattacks in the automotive industry are mainly executed remotely, outnumbering physical attacks with an astounding 85%, with 40% of attacks targeting back-end servers.

The top attack categories include ransomware, data breaches, and attacks on control systems. All in all, the automotive industry stands to lose $505 billion by 2024 due to cyberattacks.

Next, we’ll be sharing some of the biggest headline-grabbing incidents that targeted the automotive industry during the past year and the few months that have gone by this year.

Ransomware & data breaches

1. An Asian OEM’s American business experienced a ransomware attack by the DoppelPaymer gang, who demanded $20 million in exchange for a decryptor and not leaking stolen data.
2. Two major Israeli public transportation companies were hit by a ransomware attack with reported data leaks to the Darknet. Not only was data stolen, the attack brought the company’s websites down.
3. In April 2021, a North American EV manufacturer suffered at the hands of cyber criminals who hacked the doors of the auto-maker’s vehicles using a drone carrying a Wi-Fi dongle.
4. In late February 2022, Toyota was forced to shut down its plants in Japan after one of its suppliers was hit with a severe cyberattack. The news made headlines as it highlighted the vulnerabilities of the automotive industry to such attacks, and the substantial consequences of breaches. Operations were suspended in 28 lines at 14 plants, affecting the production of 10,000 cars, which is roughly equivalent to 5% of the monthly output from the company’s Japanese factories.
5. In January 2022, Emil Frey, Europe’s largest car dealer was hit with a ransomware attack that corrupted the system and backups. The company quickly restored commercial activity but they declined to answer how exactly customer information was accessed.

Vulnerability exploitation is the top vector for attacks on automotive manufacturers according to IBM’s X-Force Threat Intelligence Index 2022 report. According to the report, there was a “flurry of attacks on Japan in particular” in part due to last summer’s Olympic Games.

DDoS/Botnets/Hacking

1. In September 2021, criminals used elaborate hacking hardware to steal 25 European-made luxury cars in London.
2. In Oakville, Canada, 124 car thefts were reported in a city of 211,000 residents, and 60% of those thefts were carried out with keyless entry tech.
3. Denso, one of world’s largest technology and component makers, was targeted by hackers in March, 2022 as they accessed the company’s network in Germany which led to the shut down of the network’s connection to compromised devices after the breach was detected. Alleged attackers claimed to have stolen 1.4 Tb of data.
4. A hacker exploited a vulnerability in a major European Tier-1 infotainment system that was deployed in an Asian OEM’s vehicle. This was achieved by plugging in a USB device, then executing the exploitation to gain root shell access to the system.
5. In June 2021, it was reported that hackers exploited a feature in modern vehicles’ ECUs, and managed for the first time to misuse it and remotely attack other ECUs. The hackers managed to attack and shutdown the powertrain ECU and power steering ECU into vehicles.

Cyberattacks are big business and grew larger and more sophisticated in 2021. In fact, over 37% of global organizations said they were the victim of some form of ransomware attack in 2021, according to IDC's 2021 Ransomware Study.

Traditionally, cyber criminals are financially motivated to deploy attacks like ransomware or DDoS thanks to the ability to disrupt essential services until payment (ransom) is made. The more sophisticated the technology, the more cyberattacks we are bound to see.

AI EdgeLabs can help you protect your Edge and IoT infrastructures in an all-encompassing platform that offers you improved network visibility, early threat detection, and immediate remediation and countermeasures to keep your systems, data, and resources safe.