Automotive cyber incidents doubled in 2019, reaching 188 vulnerabilities

According to a report by Upstream Security Ltd., automotive hacking incidents more than doubled in 2019 compared with 2018.

Automotive cyberattacks are possible since many vehicles are connected to the internet. Not only that, but new technologies also mean that there are more points of attack for cybercriminals.

Keyless go, remote start, remote shutdown, car mobile applications: all of these technologies can become attack vectors. Automotive cyber attacks can be seen as more dangerous than attacks on computer devices since they can physically endanger the victim.

Report data reveals that from 2016 to 2019, the number of automotive hacking incidents increased more than 7 times. Last year alone, the number of cyber incidents jumped by nearly 138%.

Year to date, as of July 6, 2020, there have been 88 hacking cases in the automotive industry. Note that it sometimes takes months for a hacking incident to be publicly disclosed.

In addition, companies might choose to keep a hacker intrusion private as it hurts their reputation. Either way, we can expect hacking incidents to continue to increase in the upcoming years.

The reason is that connected vehicles are becoming standard in the industry. In the US, almost half of the automotive industry market share is occupied by General Motors, Ford, and Toyota. These manufacturers state that they will only sell connected vehicles by the end of 2020.

This means that at least half of the vehicles in the US are a possible target for cybercriminals. Other manufacturers are sure to catch up and sell mostly connected vehicles in the upcoming years as well.

One example of how dangerous an automotive cyber attack can be came in April 2019, when a hacker accessed internal systems of iTrack and ProTrack. By accessing these systems, the hacker could monitor thousands of vehicle locations and even kill the car engines while the cars were moving.

Cyber-attacks focus on car theft

Connected vehicles have many attack vectors, but some are more common than others. Since monetary gain is the main goal for most criminals, they aim to access the vehicles. The chart below displays the impact of automotive cyber incidents over the past 10 years.

Almost one-third of hacking incidents in this period involved criminals stealing the car or breaking into the car and stealing equipment from inside the vehicle.

The fact that keyless entry is a huge vulnerability for most manufacturers was proven by research carried out by the German General Automobile Club (ADAC) in January 2019.

Their findings showed that 99% of brands using keyless systems were prone to being hacked. They tested 237 keyless entry car models and found that 230 of them could be hacked within a few minutes.

A close second attack vector is control over car systems, accounting for over 27.22% of all successful attack volume. When a hacker gains control over a server, it allows the criminal to access certain functionality within the connected vehicle.

Cybercriminals can unlock the car and start or kill the engine after gaining access to the car’s systems. In addition, if the system is advanced enough, hackers could disable the brakes while the vehicle is in motion. For these reasons, this hacking method is the most dangerous to the victims.

Around 12.72% of automotive cyber incidents happen due to vulnerabilities in the vehicle’s mobile application. Many new cars can be unlocked and even started via the mobile application.

BMWs most vulnerable to cyber attacks

The chart below displays top CVEs (Common Vulnerabilities and Exposures) sorted by automotive companies. CVEs are an industry standard for publicly disclosed cybersecurity vulnerabilities and exposures. Each vulnerability can affect millions of cars if the attack vector is the same across those vehicles.

BMWs top the list with 10 known vulnerabilities. Most of these vulnerabilities were discovered in May 2018, when onboard units of the BMW vehicles could be hacked remotely to compromise the cars.

Not known to many, Agile Fleet is a fleet management company which helps its customers to reduce transportation costs. This company was found to store sensitive customer information in plain text, which could be obtained by fraudsters with minimal hacking knowledge.

Tesla, one of the leaders in the connected vehicle market, has 7 publicly known vulnerabilities and exposures. Most cyber-attacks on Tesla vehicles target their entertainment system, which hackers can access to display messages on the screen.

For those interested in known automotive cyber incidents and vulnerabilities, more information can be found here.

“In a connected world, cybersecurity is as fundamental to your safety as the brakes.” CEO of Jaguar Land Rover, Sir Ralf D Speth.


John C.


