2021 was quite a year for cybersecurity. With a string of eye-opening attacks that demonstrated the vulnerabilities associated with public and private sectors and impacting networks from critical infrastructure to software supply chains, we were forced to acknowledge that we have our work cut out for us. And as we move forward into creating a more secure future, we must also pay attention to our cars. Although automobiles may not be top of mind when thinking about cybersecurity, they – like the rest of our world – are becoming increasingly reliant on internet connectivity, meaning they face similar threats as we were confronted with this year.
Cyberattacks on the Automotive Industry
One of the biggest examples of cyberattacks launched on the automotive industry occurred recently when Volvo was impacted by a data breach. While the company reported that customer information was luckily unaffected, the hack did lead to stolen R&D data. Alongside Volvo, Eberspaecher, a German supplier of automotive exhaust and thermal management systems, was also hit by a disruptive event in 2021. In October, its IT infrastructure was successfully attacked causing Eberspaecher to pause production at a number of factories for a period of time. But this wasn’t the first year that the industry experienced such incidents. Honda previously went through a breach that was carried out on its global computer network, resulting in the temporary halt of certain operations. In 2017, it was also included in the list of targets of the widespread WannaCry ransomware attack.
The Expansion of Automotive Cybersecurity
If left unattended to, this threat landscape will continue to expand. Potential repercussions outlined by researchers at the University of Colorado – Colorado Springs could include the loss of control over a vehicle’s functions or even an attack on trucking operations, which could spell disaster when you consider other challenges such as supply chain issues. That is why the automotive cybersecurity field is also growing. As Shibuya Data Count defined it in a recent press release, “Automotive cybersecurity is a new and advanced technology in the automotive industry based on the integration of the IoT for car security.” It assists in handling potential risk, protective software and network monitoring among other aspects. According to that same press release, the market for this service is expected to grow at the rate of 16.6% CAGR by 2027, especially as companies look to advance their security following events like listed above, regulation initiatives increase and technology continues to advance.
The role of this type of cybersecurity becomes even more important when you consider the stats published in Black Kite’s “Ransomware Risk: Automotive Manufacturing In 2021” report. It concluded that, “Nearly half of the top 100 automotive manufacturers are highly susceptible to a ransomware attack,” and “More than 17% of automotive suppliers are likely to incur a ransomware attack.” Fortunately, the report also found that 71% of automotive CIOs surveyed planned to increase cyber and information security investments throughout 2021.
Taking Proactive Cybersecurity Steps in 2022
The trick in 2022 will be to keep this trend going and to dive further into proactive measures. The Black Kite study recommends beginning with understanding the critical elements of your company. Once you understand that, you can then comprehend what risks you may come up against, including third party risks. This helps, in turn, to develop a risk monitoring and management strategy. As all of this is being set up, the report points out that it is beneficial to involve the company’s teams in this process.
In addition to these steps, Autocrypt laid out some guidelines. Due to the complexity of automotive systems, the Autocrypt article emphasizes that cybersecurity should be implemented from the start with the design manufacturing stages. But even the precautions included then may eventually become outdated. Therefore, it is crucial that software updates are prioritized, and vulnerabilities are patched with current tools.
Learn more about the automotive cybersecurity resources and services that Dellfer provides by visiting https://dellfer.com/industries/automotive/.
Sources:
- “How cyberattacks disrupt the auto supply chain” – Terry, Kosdrosky, Automotive News
https://www.autonews.com/automakers-suppliers/how-cyberattacks-disrupt-auto-supply-chain - “Automotive Cyber Security Market 2021 Applications, SWOT Analysis, Remarkable Growth and Competitive Landscape by 2027” – MarketWatch
https://www.marketwatch.com/press-release/automotive-cyber-security-market-2021-applications-swot-analysis-remarkable-growth-and-competitive-landscape-by-2027-2022-01-13?tesla=y - “Cybercriminals hacking into vehicles pose dangers as local researchers try to stop them” – Patrick Nelson, KOAA
https://www.koaa.com/news/deep-dive/cybercriminals-hacking-into-vehicles-pose-dangers-as-local-researchers-try-to-stop-them - “RANSOMWARE RISK: AUTOMOTIVE MANUFACTURING IN 2021” – Black Kite
https://blackkite.com/wp-content/uploads/2021/06/Ransomware-Risk-_-Automotive-Manufacturing-in-2021.pdf - “Top 6 Cybersecurity Challenges Unique to the Automotive Industry” – Autocrypt
https://autocrypt.io/top-6-cybersecurity-challenges-automotive-industry/