Upstream Security Ltd recently published their “2022 Global Automotive Cybersecurity Report” where approximately 900 automotive cyber incidents from the years of 2010 to 2021 have been analyzed, revealing the most prominent risks and their impact on smart mobility.

According to the report, the category “Privacy/Data breach”, with almost 40 %  of the incidents reported during the past twelve years, caused victims’ identities to be exposed in one way or another. For example, depending on the severity of the data breach, email addresses, credit card numbers, or driver’s license ID numbers were exposed.

The second-most common automotive cyber incident, with 28 % of all incidents reported, involved a car theft or a break-in. This is of course deplorable, since most customers expect their new car to be well protected from grand theft auto, especially with the car’s advanced technologies and systems, but instead cybercriminals take advantage of those systems.

Third-most common cybersecurity incidents in this report, with 24 % of all analyzed incidents, is the control of car systems, meaning that the intrusion enabled hackers to actually control functions within the vehicle, which indubitably has the potential to endanger the driver and passengers if they are in the vehicle at the time of the incident. Although, 900 cybersecurity incidents over the last twelve years really are no reasons to get paranoid, it is notable that 50 % of all of the reported automotive-related cybersecurity incidents did take place during the past two years alone. A skeptical approach would hence be that such a trend is proof of autonomous vehicle will never succeed full acceptance. However, a more optimistic approach would be that such a trend more likely fosters the development of autonomous vehicles.

Another measure from the report is the: “Most common attack vectors for connected vehicles”. (For new readers; an attack vector is a method or pathway that a hacker uses to access the target system.) More than 40 % of the cyberattacks were done through hacking into servers. This might not seem like a big deal, except from the privacy concerns regarding stolen data or an ensuing ransomware attack. But many OEM’s servers are in charge of command-and-control services which facilitates the OEM (or successful hackers) to remotely trigger certain commands of associated vehicles. For example, lock or un-lock the doors, start the engine or honk the horn. Which potentially could put drivers and passengers at risk.

The next most common attack vector for connected vehicles is keyless entry and fob systems (wireless key fobs) at 26 %. And the third most common attack vector is Electronic Control Units (ECUs) and Telematics Control Units (TCUs) at 12 %. A Telematics Control Unit (TCU) refers to the embedded system in a vehicle that connects it to the telematics server, enabling vehicle tracking, telemetry collection, remote commands, and additional services.

Fourth and fifth most common attack vector for connected vehicles, according to the report, is Mobile applications at approx. 7 % and Infotainment systems at approx. 6 %, respectively.

The report is worth reading and gives a good over-view and a quite overall approach to automotive cybersecurity.

Written by Joakim Rosell