Cyber readiness - critical factor for automotive sector

The automotive industry faces substantial cybersecurity risks, including compromised safety, privacy breaches, financial losses, and reputational harm. Attackers leverage unauthorized remote access mechanisms to disrupt vital systems and access sensitive data, posing safety and privacy threats. Cybersecurity in Automobile Industry is not new to the world, Security researchers Charlie Miller and Chris Valasek managed to remotely compromise a Jeep Cherokee over the internet in 2015. They were able to control critical functions like steering, acceleration, and braking, vividly illustrating the potential dangers of attacks on connected car systems.

EVs make up approximately 15% of global new car sales and are expected to gain the majority of market share of new car sales by 2040. As the number of EVs and charging stations increase, more and more threat actors are looking to attack charging stations. Charging stations can be attacked remotely and by creating extensive charging demand - causing widespread denial of service. Attackers are looking to hack charging points to gain access to private consumer info such as credit card data. Regulators are stepping up their focus on promoting regulations to secure EV charging stations against cyber risks.

2023 - Toyota data breach exposes 10 years’ worth of data for over 2m customers

The Japanese car company revealed that the data breach led to the car-location information of 2.15 million customers being revealed, spanning almost 10 years, starting 6 November 2013 to 17 April 2023. Data included vehicle location information and time data, in-vehicle GPS navigation terminal ID number and the chassis number. The breach led to the data of customers who had used Toyota’s in-car smart service T-Connect, which helps with voice assistance, customer service support, on-road emergency help and more. What is most impoatrnt for me is this breach went unnoticed for 10 years. This is a lesson for the other automobile majors who are storing vehicle tracking information on the cloud. As per a recent study by SCADAFence, 50% of Automotive Manufacturers Are Susceptible to a Ransomware Attack and more than 17% of automotive suppliers most likely will incur a ransomware attack.

2023 - Ransomware attack on Ferrari

Renowned Italian sports car manufacturer Ferrari fallen victim to a ransomware attack in which client contact details were compromised. Though the attack did not impact Ferrari’s operational functions, the company worked with third-party experts to reinforce its systems. This is not the first time that Ferrari has been hit by a cybersecurity incident. In 2022, the company reported the posting of internal documents online. Reuters reported that Ferrari had been attacked by the RansomEXX cyber gang, resulting in the public exposure of seven gigabytes of sensitive customer documents.

2022 - Cyberattack on German subsidiary of Denso

Denso, a Japanese automotive supplier. Pandora ransomware group announced that it compromised the network and shared screenshots of purchase orders, automotive technical diagrams, and emails on its blog. Moreover, the gang claimed to have stolen 1.4 TB of data from the company. Following the attack, Denso apologized for any inconvenience caused and confirmed that the German network was illegally accessed.

2022 - Critical vulnerability allowed attackers to remotely unlock, control Hyundai, Genesis vehicles

Yuga Labs staff security engineer Sam Curry reported that the bug allowed the team to remotely control the locks, engine, horn, headlights, and trunk of vehicles made after 2012. A bug bounty hunter acted as a mock car thief (with his own Hyundai vehicle) for the project by Curry. The Hyundai and Genesis mobile device apps allow authenticated users to manage functions, including starting or stopping and locking or unlocking their vehicles, which could be a serious problem if compromised. Using Burp Suite, the researchers proxied app traffic and monitored API calls, seeking an entry point.

2021 - Volkswagen and Audi ransomware Attack by Conti ransomware group

Vehicle manufacturers Volkswagen and Audi fell victim to the “Conti” ransomware group. Over 3.3 million customers and interested buyers in the United States and Canada were affected by this attack. The attacker was able to obtain access to their networks by scraping an unsecured Microsoft Azure server. Data stolen includes email addresses, vehicle identification numbers, phone numbers, and physical addresses.

2018 - The BMW Vulnerabilities

Researchers from Keen Security Lab discovered vulnerabilities in the onboard compute units of BMW cars during a year-long security audit. The vulnerabilities found in the Infotainment System (Head Unit), Telematics Control Unit (TCU or T-Box), and Central Gateway Module could allow attackers to gain local and remote access to infotainment components, T-Box components, and UDS communication, as well as control the CAN bus. BMW responded by deploying over-the-air updates to mitigate the risks and improve the security of its vehicles.

Conclusion

The increase in cyber threats targeting connected vehicles carries profound implications for user safety, privacy, and financial well-being. This increase in attacks can be attributed to the rising number of internet-connected vehicles. By 2026, there will be over 500 million?connected cars in operation, a staggering number that underscores the scale of the cyber threat.

The automotive industry stands at a critical point. The integration of advanced technologies and the increasing connectivity of vehicles demand a robust and adaptive cybersecurity framework.

#cybersecurity #automobile #connectedcars #automotive #automotivesecurity #ISMS #TISAX #ISO27001 #ISO21434 #IEC62443 #ISO26262