Cybercriminals Take Aim at Connected Car Infrastructure

We are barreling headlong into the self-driving car trend, but what are the cybersecurity risks?

It’s been coming for some time, but the self-driving car takeover now seems closer than ever. It’s estimated that seven out of every eight cars will be connected by 2025.

With innovators like Tesla and, big-tech giants like Apple and Google, and even traditional carmakers looking to get into the action, there seems to be no going back. However, as with all technological advancements before it and those that will come after, cybercriminals and threat actors are lying in wait, ready to exploit any weakness for their gain.

Unfortunately, one topic that has not received its due attention is how secure or vulnerable these “software platforms on wheels” really are. A recent study by Upstream Auto sheds some light on the subject, showing that it’s not just a concern for the future but that cyber-attacks are already impacting autonomous carmakers today.


LIFARS cyber security and risk advisory consultants – providing the technical capability to develop advisories and mitigations on evolving cybersecurity threats.


The report analyzed over 200 cyber incidents from 2020 to the present. It also highlights cyber threat trends over the last decade, particularly in the year 2020.

One of the key questions asked by cybersecurity experts in the automotive industry is, “what exactly are cyber threat actors after?” It may be surprising to hear, but the largest share (30%) of attacks culminated in a data/privacy breach.

As in many other sectors, it seems like the main goal of cybercriminals is to gain unauthorized access to information. Once successful, they can use this information (PII (Personally Identifiable Information), access credentials, contacts, etc.) to launch further attacks using techniques like phishing, social engineering, credential stuffing, and more.

Of course, and probably more concerning for individual car owners, car theft/break-ins came n as a close second at 28.14%. However, t’s likely that data theft is used as an initial attack vector to gain unauthorized access to a car.

Other significant threats identified were controlling car systems (23.73%) and service/business disruption (21.86%).

Fraud (4.2%), manipulating car systems (3.9%), location tracking (2.8%), and policy violation (1.9%) were less prominent outcomes of cyber incidents.

We have a recent example of how criminals can abuse software systems embedded in vehicles to effect car theft/break-ins. In September 2021, police busted a car theft ring operating throughout New York and the Hudson Valley. The gang cloned key fobs using stolen security codes bought online on elicit marketplaces and reset cars’ ignition systems using aftermarket scanning tools common among mechanics.

The gang stand accused of being directly involved in the theft of at least 45 vehicles and the illegal resale of at least 225.

Unsurprisingly, automakers are scrambling to improve the security of their “software platforms on wheels” In Upstream’s study, nearly half of attacks were guided by white hat hackers. However, the majority was still attributed to black hat actors. Some manufacturers, like General Motors, have also launched bug bounty programs in response.

One of the scariest prospects when it comes to cybersecurity threats facing vehicles is hackers being able to take control of your car.

At Black Hat USA in 2015, famed hackers Charlie Miller and Chris Valasek demonstrated their ability to remotely hack and take control of a 2014 Jeep Cherokee. Their entry point was nothing more than a single port, needlessly left open. In the aftermath, Fiat Chrysler were forced to roll out a mass recall of over 1.4 million vehicles, spanning a range of models.



Upstream Security’s 2021 Global Automotive Cybersecurity Report