Reading:
Automotive Industry Under Ransomware Attacks

Automotive Industry Under Ransomware Attacks

March 25, 2022

Although the automotive industry has begun to digitalize its manufacturing facilities, most businesses still treat cybersecurity as an afterthought. According to a recent analysis on threat trends, about half of the top 100 manufacturers are heavily impacted by ransomware attacks. 

Recent Conti Attacks

Conti performed resounding attacks on Volkswagen and Audi.
Conti performed resounding attacks on Volkswagen and Audi.

The giant vehicle manufacturers Volkswagen and Audi became victims of the Conti ransomware group in July 2021, as an example of automotive manufacturing corporations being hacked. Email addresses, vehicle identifying numbers, phone numbers, and physical addresses were among the information stolen

“Automotive companies were the highest targeted manufacturing sub-sector in 2021, accounting for about 1/3 of the total attacks against the manufacturing industry,” according to an IBM industrial threat research report. Attacking automotive manufacturers’ supply chains via third-party vendors is one of the cybercriminals’ more recent and common strategies. 

Ransomware Escalation in Automotive Industry 

The automotive industry has been under attack in the third week of March 2022, with various corporations showing evidence of data breaches or ransomware activity.

Ransomware attacks on the automotive industry in the third week of March 2022.
Ransomware attacks on the automotive industry in the third week of March 2022.

Why is Cybercrime Increasingly Widespread in the Automotive Industry? 

Automotive ranked eighth out of 35 industries in reported ransomware attacks, making it less vulnerable than technology and IT, logistics, and transportation. But more vulnerable than municipal and legal services. According to a Gartner report from 2021, 71% of automotive CIOs expect to increase their cyber and information security efforts in 2021 over 2020. 

According to cybersecurity experts, the automotive industry has embraced digitization and automation of internal operations with enthusiasm, resulting in a dramatic boost in productivity while also rendering organizations more exposed to cyber-attacks.

What Can Automotive Industries Do to Avoid Ransomware Infections?

It seems essential for the automotive industry to take security precautions against ransomware.
It seems essential for the automotive industry to take security precautions against ransomware.
  • Understanding the various security vulnerabilities and threats that relate to automotive manufacturer systems and equipment and which approach is required for improved security is the first step in determining how to protect the organization’s systems. 
  • With the advancement of technology, more companies are connecting their legacy systems to the internet to allow third-party vendors to collaborate with their operational technology equipment. While it may take some time for the business to adjust to this new security approach, it is encouraging to see the continual growth in awareness that is helping the industry become safer. 
  • The automotive industry must adopt a more proactive security strategy to detect and mitigate risks in their manufacturing environment to prevent becoming victims of the next large-scale ransomware attack.

SOCRadar Can Help Prevent Big Losses

Deliver in-depth and contextual data to your cybersecurity teams with SOCRadar Extended Threat Intelligence.
Deliver in-depth and contextual data to your cybersecurity teams with SOCRadar Extended Threat Intelligence.

SOCRadar’s Extended Threat Intelligence system provides holistic and contextual intelligence with three different modules working in coordination. Acts as if it is part of your company’s cybersecurity teams. Thus, it supports a proactive security posture against ransomware and other threats.

  • The AttackMapper module discovers your external attack surface and provides constant visibility. It automatically detects and inventories your internet-facing digital assets.
  • RiskPrime, a digital risk protection module, collects contextual intelligence about your company on the dark and deep web. Allows you to create alarms when necessary. It helps protect your company’s reputation through dark web analysts and artificial intelligence collaboration.
  • With ThreatFusion cyber threat intelligence module offers many more monitoring and management conveniences, such as vulnerability tracking, integration of IoCs used by threat actors into your security system, detecting and blocking malware used by ransomware groups for phishing.
Discover SOCRadar® Free Edition

With SOCRadar® Free Edition, you’ll be able to:

  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed

Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets. Get free access