STOCK TITAN
  1. Home
  2. News
  3. UPB
  4. Automotive Security Leaders Must Take Immediate Action to Mitigate the Surging Cyber Threats--Upstream Report Reveals Critical Gaps

Automotive Security Leaders Must Take Immediate Action to Mitigate the Surging Cyber Threats--Upstream Report Reveals Critical Gaps

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags
Rhea-AI Summary

Upstream Security released its 2025 Automotive & Smart Mobility Cybersecurity Report, revealing alarming trends in automotive cybersecurity. The report shows that 60% of cyber incidents in 2024 affected thousands to millions of mobility assets, with massive-scale attacks more than tripling from 5% to 19% year-over-year.

Key findings include a surge in mobility-specific ransomware attacks, with 108 reported ransom attacks and 214 data breaches in 2024. A notable incident involved a US software provider serving 15,000 automotive dealerships, causing $1.02 billion in estimated losses. The total number of incidents reached 409 in 2024, up from 295 in 2023, with 92% of attacks executed remotely and 85% being long-range attacks.

Data and privacy-related incidents rose by 20% to account for 60% of all cases, while car system manipulation incidents increased to over 35%. The report emphasizes that current regulatory measures are insufficient to address the growing cyber risks in the automotive sector.

Upstream Security ha pubblicato il suo Rapporto sulla Cybersecurity Automobilistica e sulla Mobilità Intelligente per il 2025, rivelando tendenze allarmanti nella sicurezza informatica automobilistica. Il rapporto mostra che il 60% degli incidenti informatici nel 2024 ha colpito migliaia, se non milioni, di asset legati alla mobilità, con attacchi su larga scala che sono aumentati di oltre il triplo, passando dal 5% al 19% anno dopo anno.

I principali risultati includono un aumento degli attacchi ransomware specifici per la mobilità, con 108 attacchi di riscatto segnalati e 214 violazioni dei dati nel 2024. Un incidente notevole ha coinvolto un fornitore di software negli Stati Uniti che serve 15.000 concessionarie automobilistiche, causando perdite stimate di 1,02 miliardi di dollari. Il numero totale di incidenti ha raggiunto 409 nel 2024, in aumento rispetto ai 295 del 2023, con il 92% degli attacchi eseguiti a distanza e l’85% di questi considerati attacchi a lungo raggio.

Gli incidenti legati a dati e privacy sono aumentati del 20%, rappresentando il 60% di tutti i casi, mentre gli incidenti di manipolazione dei sistemi automobilistici sono aumentati di oltre il 35%. Il rapporto sottolinea che le attuali misure regolatorie non sono sufficienti per affrontare i crescenti rischi informatici nel settore automobilistico.

Upstream Security publicó su Informe sobre Ciberseguridad Automotriz y Movilidad Inteligente 2025, revelando tendencias alarmantes en la ciberseguridad automotriz. El informe muestra que el 60% de los incidentes cibernéticos en 2024 afectaron a miles o incluso millones de activos de movilidad, con ataques a gran escala que más que se triplicaron, pasando del 5% al 19% de un año a otro.

Los hallazgos clave incluyen un aumento en los ataques de ransomware específicos de movilidad, con 108 ataques de rescate reportados y 214 violaciones de datos en 2024. Un incidente notable involucró a un proveedor de software en EE. UU. que atiende a 15,000 concesionarios de automóviles, causando pérdidas estimadas de 1.02 mil millones de dólares. El número total de incidentes alcanzó 409 en 2024, un aumento respecto a los 295 de 2023, con el 92% de los ataques ejecutados de manera remota y el 85% siendo ataques a larga distancia.

Los incidentes relacionados con datos y privacidad aumentaron un 20%, representando el 60% de todos los casos, mientras que los incidentes de manipulación de sistemas de automóviles aumentaron en más del 35%. El informe enfatiza que las medidas regulatorias actuales son insuficientes para abordar los crecientes riesgos cibernéticos en el sector automotriz.

Upstream Security가 2025 자동차 및 스마트 모빌리티 사이버 보안 보고서를 발표하며 자동차 사이버 보안의 alarming한 트렌드를 드러냈습니다. 보고서에 따르면 2024년 사이버 사건의 60%가 수천에서 수백만 대의 모빌리티 자산에 영향을 미쳤으며, 대규모 공격은 5%에서 19%로 세 배 이상 증가했습니다.

주요 결과에는 모빌리티 특화 랜섬웨어 공격의 급증이 포함되어 있으며, 2024년에 보고된 랜섬 공격 108건과 데이터 유출 214건이 있었습니다. 주목할 만한 사건은 15,000개의 자동차 대리점을 지원하는 미국 소프트웨어 제공업체와 관련이 있으며, 예상 손실은 10억 2000만 달러에 달합니다. 사건의 총 수는 2024년에 409건에 달하며, 이는 2023년의 295건에서 증가한 수치입니다. 공격의 92%는 원격으로 수행되었고, 85%는 장거리 공격으로 분류됩니다.

데이터 및 개인정보 관련 사건은 20% 증가하여 전체 사건의 60%를 차지하며, 자동차 시스템 조작 사건은 35% 이상 증가했습니다. 보고서는 현재의 규제 조치가 자동차 부문의 증가하는 사이버 위험을 해결하기에 불충분하다고 강조합니다.

Upstream Security a publié son Rapport sur la Cybersécurité Automobilistique et la Mobilité Intelligente 2025, révélant des tendances alarmantes dans la cybersécurité automobile. Le rapport montre que 60% des incidents cybernétiques en 2024 ont affecté des milliers à des millions d'actifs de mobilité, les attaques à grande échelle ayant plus que triplé, passant de 5% à 19% d'une année sur l'autre.

Les principales conclusions incluent une augmentation des attaques par ransomware spécifiques à la mobilité, avec 108 attaques de rançon signalées et 214 violations de données en 2024. Un incident notable a impliqué un fournisseur de logiciels américain servant 15 000 concessions automobiles, entraînant des pertes estimées à 1,02 milliard de dollars. Le nombre total d'incidents a atteint 409 en 2024, en hausse par rapport à 295 en 2023, avec 92 % des attaques exécutées à distance et 85 % considérées comme des attaques à longue distance.

Les incidents liés aux données et à la vie privée ont augmenté de 20 %, représentant 60 % de tous les cas, tandis que les incidents de manipulation des systèmes de voitures ont augmenté de plus de 35 %. Le rapport souligne que les mesures réglementaires actuelles sont insuffisantes pour faire face aux risques cybernétiques croissants dans le secteur automobile.

Upstream Security hat seinen Bericht zur Cybersicherheit im Automobilbereich und in der smarten Mobilität für 2025 veröffentlicht und alarmierende Trends in der Automobilcybersicherheit aufgezeigt. Der Bericht zeigt, dass 60% der Cybervorfälle im Jahr 2024 Tausende bis Millionen von Mobilitätsressourcen betroffen haben, wobei die Anzahl der großangelegten Angriffe von 5 % auf 19 % im Jahresvergleich mehr als verdreifacht wurde.

Wichtige Erkenntnisse umfassen einen Anstieg spezifischer Ransomware-Angriffe auf Mobilität, mit 108 gemeldeten Lösegeldangriffen und 214 Datenverletzungen im Jahr 2024. Ein bemerkenswerter Vorfall betraf einen US-Softwareanbieter, der 15.000 Automobilhändler bedient, was zu geschätzten Verlusten von 1,02 Milliarden Dollar führte. Die Gesamtzahl der Vorfälle erreichte 409 im Jahr 2024, ein Anstieg von 295 im Jahr 2023, wobei 92% der Angriffe aus der Ferne durchgeführt wurden und 85% als Fernangriffe eingestuft wurden.

Vorfälle im Zusammenhang mit Daten und Privatsphäre stiegen um 20% und machen 60% aller Fälle aus, während Vorfälle von Manipulationen an Fahrzeugsystemen auf über 35% anstiegen. Der Bericht betont, dass die derzeitigen regulatorischen Maßnahmen unzureichend sind, um die wachsenden Cyberrisiken im Automobilsektor zu bewältigen.

Positive
  • None.
Negative
  • 60% of cyber incidents affected thousands to millions of mobility assets
  • Massive-scale attacks tripled from 5% to 19% in 2024
  • 108 ransomware attacks and 214 data breaches reported in 2024
  • Single ransomware attack caused $1.02 billion in losses
  • Total incidents increased 39% (409 vs 295) year-over-year
  • Data and privacy incidents up 20% to 60% of all cases
  • Car system manipulation incidents rose to over 35%

Insights

The automotive industry faces a watershed moment in cybersecurity that poses significant financial and operational risks across the entire value chain. The 409 documented incidents in 2024, up from 295 in 2023, represent just the tip of the iceberg, as many attacks likely go unreported. The 60% of cyber incidents affecting thousands to millions of vehicles signals a critical shift from isolated incidents to systemic risks.

The financial implications are staggering. The reported $1.02 billion loss from a single ransomware attack on dealership software demonstrates the magnitude of potential damages. This will likely trigger a cascade of effects: 1) Increased cybersecurity insurance premiums for automotive companies 2) Higher operational costs as manufacturers invest in defensive measures 3) Potential regulatory fines for inadequate protection of consumer data, given that 60% of incidents involved data privacy breaches.

The 92% remote attack rate and 85% long-range execution capability indicate that traditional perimeter security measures are insufficient. This necessitates a fundamental shift in how automotive companies approach cybersecurity, requiring substantial investments in cloud-based security infrastructure and real-time monitoring systems. Companies that fail to adapt risk severe reputational damage and loss of market share, particularly as vehicle software complexity increases and autonomous capabilities expand.

The automotive industry's rapid digitalization has created an unprecedented security crisis that threatens to reshape competitive dynamics. The surge in telematics and application server attacks from 43% to 66% between 2023 and 2024 exposes critical vulnerabilities in the industry's digital transformation strategy.

This security challenge creates a clear competitive differentiator. Manufacturers who can demonstrate robust cybersecurity measures will likely command premium positioning and stronger customer trust. The rising threat of large-scale attacks affecting millions of vehicles simultaneously could force automakers to reevaluate their software development approaches and supplier relationships.

The complexity of modern vehicle systems, evidenced by the 35% increase in car system manipulation incidents, suggests that automotive companies must fundamentally rethink their approach to system architecture and security. This could delay autonomous vehicle deployment timelines and necessitate more extensive testing protocols, potentially creating a significant gap between leaders and laggards in the race toward full autonomy.

Upstream's 2025 Automotive & Smart Mobility Cybersecurity Report reveals that 60% of cyber incidents could affect thousands to millions of connected vehicles, with massive-scale attacks more than tripling; the report emphasizes that current regulatory requirements are insufficient to address expanding cyber risks.

ANN ARBOR, Mich., Feb. 11, 2025 /PRNewswire/ -- Upstream Security, the leading provider of cloud-based cybersecurity and data management platform purpose-built for automotive, smart mobility, and IoT ecosystem, today released the 2025 Automotive & Smart Mobility Cybersecurity Report. The annual report, returning for its seventh year, highlights that despite the increased regulatory attention, the number, scale, and severity of cyber attacks continues to grow, showing a false sense of security and resilience. Automakers and mobility stakeholders have to go beyond regulations to address the threats causing serious implications for safety, operational availability and data privacy.

The report revealed that in 2024, 60% of cybersecurity incidents in the automotive and smart mobility sectors affected thousands to millions of mobility assets, including vehicles, EV charging stations, smart mobility apps, and connected devices. Notably, massive-scale incidents—each impacting millions of vehicles—more than tripled, rising from 5% in 2023 to 19% in 2024. This sharp increase highlights the urgent need for organizations to prioritize resilience by extending their cybersecurity efforts beyond regulatory compliance.

The rise of software-defined and autonomous vehicles has introduced new vulnerabilities, leading to a widening cybersecurity gap. Additionally, critical infrastructure in smart mobility devices, like EV chargers and fleet management systems, has expanded the attack surface and magnified the stakes. Mobility-specific ransomware attacks surged in 2024 causing unprecedented disruptions with 108 reported ransom attacks and 214 data breaches. One of the most impactful incidents was a ransomware attack in June on a leading US-based software provider used by 15,000 automotive dealerships which resulted in halted operations for nearly three weeks, estimating losses at $1.02 billion.

"The cybersecurity landscape across the Automotive and Smart Mobility ecosystem is poised to become more complex than ever," said Yoav Levy, CEO and co-founder of Upstream. "Cyber threats are evolving faster than the industry is prepared to handle, outpacing regulation-driven measures. Threat actors have already shifted toward large-scale, sophisticated and AI-powered attack methods, targeting not only vehicles but also interconnected systems such as EV charging infrastructure, API-driven apps, and smart mobility IoT devices. This growing attack surface demands a transformative and proactive approach to cybersecurity."

Cyberattacks in 2024 became more sophisticated and frequent, targeting vehicles and backend systems, as well as smart mobility platforms, devices, and applications. 65% of publicly reported cyber incidents were carried out by black hat actors with malicious intent. 92% of attacks were executed remotely, supporting the surge in scale and impact, of which 85% were long-range and did not require any physical proximity to the targeted asset. The ecosystem experienced a significant surge in telematics and application server attacks in 2024— 43% of incidents in 2023 rising to 66% in 2024.

In addition to monitoring publicly reported cyber incidents, Upstream's AutoThreat® team monitors the deep and dark web for threat actors targeting connected vehicles, mobility applications and devices. When zooming in on deep and dark web activities carried out by black hat hackers, 70% activities had the potential to impact thousands to millions of mobility assets and over 76% targeted multiple stakeholders and had a global reach.

Additional key findings in the report include:

  • 2024 saw 409 new incidents (up from 295 in 2023), contributing to a total of 1,877 documented cases since 2010.
  • The dramatic rise in incidents is largely attributed to a sharp escalation in ransomware attacks targeting the mobility sector.
  • Data and privacy-related incidents accounted for 60% of 2024 incidents, up 20% from 2023.
  • The percentage of incidents involving car system manipulation and control of vehicle systems increased dramatically in 2024, accounting for over 35% of incidents.

The report further delves into a range of topics including China's strategic automotive investments and impact on the cyber landscape, EV charging infrastructure risks, 2024's attack vectors and today's regulatory reality. Download the full 2025 Upstream Global Automotive & Smart Mobility Cybersecurity Report here.

About Upstream Security

Upstream delivers a cloud-based, AI-powered data management platform purpose-built for connected vehicles, smart mobility, and IoT ecosystem. The Upstream Platform transforms fragmented, distributed mobility data into centralized, structured, and contextualized data lakes, unlocking its full potential. By leveraging this data, Upstream empowers customers with advanced, AI-driven applications across various use cases, including proactive vehicle quality management, cybersecurity detection and response (XDR), fraud prevention, observability, usage-based insurance, and more.

Upstream Media Contact
Mushkie Meyer
Mushkie@headline.media
US: +1 914 336 4035
UK: +44 203 769 4034

 

Cision View original content:https://www.prnewswire.com/news-releases/automotive-security-leaders-must-take-immediate-action-to-mitigate-the-surging-cyber-threatsupstream-report-reveals-critical-gaps-302373309.html

SOURCE Upstream

FAQ

What are the key findings of Upstream's 2025 Automotive Cybersecurity Report?

The report reveals that 60% of cyber incidents affected thousands to millions of mobility assets, with massive-scale attacks tripling from 5% to 19%. There were 409 new incidents in 2024, including 108 ransomware attacks and 214 data breaches.

How much did automotive cybersecurity incidents increase in 2024?

Cybersecurity incidents increased from 295 in 2023 to 409 in 2024, representing a 39% increase. The total documented cases since 2010 reached 1,877.

What was the largest financial impact from a single automotive cyber attack in 2024?

A ransomware attack on a US-based software provider serving 15,000 automotive dealerships resulted in estimated losses of $1.02 billion and halted operations for nearly three weeks.

What percentage of automotive cyber attacks were executed remotely in 2024?

92% of attacks were executed remotely, with 85% being long-range attacks that did not require physical proximity to the targeted asset.

How did data and privacy-related automotive incidents change in 2024?

Data and privacy-related incidents increased by 20% compared to 2023, accounting for 60% of all incidents in 2024.

Stock UPB logo
UpStream Bio Inc.

NASDAQ:UPB

UPB Rankings

N/A Ranked by Market Cap
N/A Ranked by Dividends

UPB Latest News

Jan 6, 2025
Upstream Bio to Present at the 43rd Annual J.P. Morgan Healthcare Conference
Dec 17, 2024
Upstream Bio Appoints Allison Ambrose as General Counsel
Dec 16, 2024
Upstream Bio Announces Addition to Russell 2000® Index
Nov 21, 2024
Upstream Bio to Participate in the Piper Sandler 36th Annual Healthcare Conference
Nov 7, 2024
Upstream Bio Reports Third Quarter 2024 Financial Results and Recent Business Highlights

UPB Stock Data

441.10M
12.50M
19.25%
65.92%
4.46%
Biotechnology
Pharmaceutical Preparations
Link
United States
WALTHAM