Connectivity can boost the capabilities of automated vehicles, enhance vehicle personalization and improve driver experiences.
These benefits are so widespread that connected vehicles — able to communicate with each other, the infrastructure, the cloud, even pedestrians — are expected to comprise nearly 86 percent of the global automotive market by 2025.
But all of this technology leaves vulnerabilities and increases opportunities for hackers, according to Upstream Security's 2021 Global Automotive Cybersecurity Report, released Tuesday.
The Israeli company analyzed 633 publicly reported cyber hacks or attacks since 2010, including nearly one-third of which occurred this year.
"Traditional forms of cyberthreats such as ransomware, as well as more automotive-specific threats targeting telematics services, vehicle components and the vehicles themselves, contributed to the recent increase in the number of cyberattacks targeting the automotive industry," the report says.
According to Forbes, nearly every auto manufacturer has been hacked. There could be a direct impact on the safety and security of vehicles and road users. Hacks threaten a vehicle's data and codes, external connectivity, back-end servers, update procedures and more.
According to Upstream, the most common attack vectors — areas through which hackers gain access — include servers, keyless-entry systems or key fobs, mobile apps, on-board diagnostics ports and infotainment.
The report specifically cites a Canadian example where, in January 2020, two Toyota Tacoma trucks and a Toyota 4Runner truck were stolen from driveways in Canada after hackers allegedly reprogrammed the vehicles' keyless push start ignition.
In another cited example, Toronto police released surveillance video of thieves using a signal booster to steal a Lexus from the owner's driveway by using a device that captured the keyless fob's signal in the house.
The IT network, sensors, electronic control unit and in-vehicle network, among other vectors, also open a vehicle to attacks. Nearly 80 percent of all attacks examined between 2010 and 2020 were remote and relied on network connectivity, while 20.7 percent required physical access.
Autonomous vehicles are particularly vulnerable to hacks, but so are electric vehicles, as they are controlled mostly by electronic devices embedded within susceptible networks.
"Cyber vulnerabilities are magnified in EVs due to the unique risks associated with these vehicles' battery packs," according to Upstream.
The company says that factoring in security at the time a component or software is in the development phase as well as implementing multilayered cybersecurity features are critical to protecting vehicles against attacks.
"With the continued rise of cyberattacks against the automotive industry and the regulatory requirements that were developed in response, now more than ever, automotive stakeholders must take heed of the cyberthreat landscape," Oded Yarkoni, Upstream Security's vice president of marketing, said in a release.
