Trend Micro investigates cyberattacks on the automotive industry

February 16, 2023

 New study shows: Suppliers are particularly frequently affected by cyber incidents

Trend Micro, one of the international providers of cyber security solutions, publishes a new study on cyber security in the automotive sector. The analysis of more than 50 significant security incidents between January 2021 and June 2022 shows: All areas along the production and supply chain are affected. Suppliers are particularly at risk. Ransomware attacks and data theft occur most frequently. The Japanese IT security specialist also identifies high-risk areas of connected cars and makes security forecasts for 2023.

The automotive industry is under pressure to master the transformation to electric mobility. The energy crisis has further accelerated the development. More and more e-cars are coming onto the roads. But the change in the industry also increases the risk for security vulnerabilities that can be dangerous for manufacturers, suppliers and customers. Cybercriminals exploit vulnerabilities along the entire production and supply chain. According to the study by VicOne, Trend Micro’s subsidiary specialising in automotive cybersecurity, suppliers are most often affected: they were involved in 67 percent of the incidents investigated. Smaller suppliers in particular are often less well protected against cyber attacks and take longer to recover. This leads to production delays and even outages.  The greatest risk at present is ransomware attacks. During the study period, 43 companies from the automotive industry were victims of such attacks. Malware from the Conti family was used most frequently. There were also nine data incidents. Customer information (41.7 per cent) and sensitive company information (16.7 per cent) in particular were stolen.

Three high-risk areas

In the context of connected cars, Trend Micro has also identified three high-risk areas that are particularly vulnerable to cyberattacks. Manufacturers should have these on their agenda:

Charging stations for e-cars

Charging stations and battery management systems can easily become targets for hackers. Electric cars typically use lithium polymer batteries and require extensive smart control mechanisms to function well. Compared to a conventional car, an electric vehicle has more sensors and uses more communication protocols. Security gaps can arise, especially when exchanging data with the charging station.

Cloud APIs (Application Programming Interfaces)

Most cars today have integrated SIMs (eSIMS) through which they communicate with a backend cloud server. This enables, for example, applications to remotely lock and unlock the vehicle or exchange traffic data with other participants. A cloud API is an important part of the network architecture and must be well secured. In the automotive industry, vehicle-specific cloud APIs are used that may have vulnerabilities.

Remote keyless entry (RKE) systems.

RKE makes it possible to unlock a car and start the engine without having to insert a physical key into the lock. This usually involves the use of a radio frequency (RF) signal. There are numerous vulnerabilities in such RKE systems that attackers can easily exploit to steal the vehicle. Although these vulnerabilities have been known for a long time, they have not yet been completely closed. 

Security forecasts 2023

In addition to the three high-risk areas, the study identifies several security trends that automotive industry security managers should pay particular attention to in 2023:

  • Ransomware will continue to impact the automotive supply chain.
  • Vulnerabilities in open source software components used in vehicle development are a growing risk.
  • Radio signal attacks such as replay, relay, jamming and man-in-the-middle are on the rise.
  • Infotainment and telematics control systems (IVI/TCU) in the vehicle are being infected with malware.
  • As chip-level design is often insecure, vulnerabilities and attacks will increase.
  • Cybercriminals will exploit over-the-air (OTA) data transmission to compromise the data flow or inject malicious code into software updates.
  • Attackers can bypass the digital locks that manufacturers equip vehicles with.

“In 2022, we saw a lot of cyberattacks in the automotive industry – both on the supply chain and on connected vehicles,” said Udo Schneider, IoT Security Evangelist Europe at Trend Micro. “In 2023, the risk of cyber incidents will continue to increase as hackers find a growing attack surface and attractive targets. Many of the threats can be averted by considering techniques and security best practices already proven in other areas.”

Read more

The full study “Cybersecurity in 2022: VicOne Report” can be downloaded here:

Related Articles

Mobile Road Blocker M30 from Hörmann

Mobile Road Blocker M30 from Hörmann

Flexible and certified protection for events Public festivals, music events or Christmas markets - open-air events require appropriate security concepts to provide the best possible protection for the people on site. An important part of this concerns the protection...

Share This