Table of Contents
Introduction
According to Automotive Cyber Security Statistics, The automotive industry’s digital transformation has increased vehicle connectivity and brought cybersecurity challenges. Automotive cybersecurity protects vehicles and passengers from cyber threats, including hacking, malware, and data breaches. Governments and industry organizations have introduced regulations to ensure cybersecurity measures are in place.
Challenges include complex vehicle systems and the need for real-time monitoring, requiring collaboration and information sharing. Emerging technologies like AI play a crucial role in threat detection. As vehicles become more connected and autonomous, automotive cybersecurity remains critical for maintaining trust and security in the industry.
Editor’s Choice
- The automotive cybersecurity market is set for substantial growth over the next decade at a CAGR of 22%, reflecting the increasing importance of cybersecurity in the automotive industry.
- In 2022, the automotive cybersecurity market generated revenue of USD 3.2 billion, which is expected to rise to 22.2 billion by 2032.
- In 2022, the distribution of automotive cyber-attacks worldwide revealed a predominant trend towards remote attacks, accounting for a significant share of 97%.
- In contrast, physical attacks constituted a much smaller portion, comprising only 3% of the total.
- In 2022, the distribution of automotive cyber-attacks worldwide revealed a predominant trend towards remote attacks, accounting for a significant share of 97%.
- In contrast, physical attacks constituted a much smaller portion, comprising only 3% of the total.
- Suppliers bore the brunt of cyber incidents, accounting for the majority at 67.3%.
Global Automotive Cyber Security Market Overview
Automotive Cyber Security Market Size
- The automotive cybersecurity market is set for substantial growth over the next decade at a CAGR of 22%, reflecting the increasing importance of cybersecurity in the automotive industry.
- In 2022, the market generated revenue of USD 3.2 billion, a number that is expected to rise steadily.
- By 2032, the automotive cybersecurity market is projected to reach a staggering USD 22.2 billion, underscoring the industry’s commitment to safeguarding vehicles against emerging cyber threats and ensuring the safety and security of vehicles on the road.
Automotive Cyber Security Market Size- By Type
- The automotive cybersecurity market is poised for substantial growth in the coming years, with the total revenue expected to reach USD 3.2 billion in 2022 and steadily increasing to USD 22.2 billion by 2032.
- The market is segmented into various types of cybersecurity solutions, including wireless security, network security, endpoint security, application security, and cloud security.
- In 2022, wireless and network security accounted for USD 1 billion in revenue, while the other segments had no revenue.
- However, as we move forward, we can anticipate significant developments in the cybersecurity landscape.
- By 2032, wireless security is projected to generate USD 8 billion, network security USD 6 billion, endpoint security USD 3 billion, application security USD 2 billion, and cloud security USD 2 billion in revenue.
Location of Automotive Cyber Security Attacks
- In 2022, the distribution of automotive cyber-attacks worldwide revealed a predominant trend towards remote attacks, accounting for a significant share of 97%.
- These remote attacks typically involve cybercriminals gaining unauthorized access to vehicle systems and control through digital means, such as hacking into onboard computer systems or exploiting vulnerabilities in software.
- In contrast, physical attacks constituted a much smaller portion, comprising only 3% of the total.
- Physical attacks involve direct actions on the vehicle, like tampering with its physical components or systems.
Impact Range of Remote Cyber Attacks
- There was a notable distribution of impact ranges in the global landscape of remote cyber-attacks within the automotive industry in 2022.
- Most of these attacks fell into the category of long-range attacks, comprising a significant 70% share.
- These long-range cyber-attacks typically involve threats from remote locations, potentially spanning vast distances and targeting vehicles or their systems.
- Conversely, short-range attacks constituted a smaller yet noteworthy portion, accounting for 30% of the total.
- Short-range attacks typically have a more localized impact, often from closer proximity to the target vehicles.
Top Cyber Security Attacks in the Automotive Sector
- Cybercrime is growing in complexity and impact, with global damages estimated at USD 6 trillion in 2021.
- Projections indicate that by 2025, these losses could surge to USD 10.5 trillion annually, marking a 15% annual increase.
- Critical infrastructures at the Edge and IoT are attractive targets due to their vulnerabilities, significantly damaging businesses and consumers.
- The automotive industry has not been spared, experiencing a 225% increase in cyberattacks over the last three years.
- Remote cyberattacks are the primary method, accounting for 85%, with 40% targeting back-end servers.
Ransomware & data breaches
- An Asian automotive manufacturer’s American branch faced a ransomware attack orchestrated by the DoppelPaymer gang, who demanded a $20 million ransom to provide a decryption key and prevent the leaking of stolen data.
- Meanwhile, two major Israeli public transportation companies suffered a ransomware attack that led to data theft and brought down their websites.
- In April 2021, a North American electric vehicle maker fell victim to cybercriminals who used a drone equipped with a Wi-Fi dongle to hack into the vehicle doors.
- In January 2022, Emil Frey, Europe’s largest car dealer, faced a ransomware attack that compromised their systems and backups, disrupting operations.
DDoS/Botnets/Hacking
- In September 2021, criminals employed sophisticated hacking equipment to steal 25 high-end European-manufactured cars in London.
- Meanwhile, in Oakville, Canada, a total of 124 car thefts were recorded in a city with a population of 211,000, with a significant 60% of these thefts being carried out using keyless entry technology.
- Denso, one of the world’s largest technology and component manufacturers, faced a cyberattack in March 2022 when hackers infiltrated the company’s network in Germany, prompting the network’s disconnection from compromised devices once the breach was detected.
- The alleged attackers claimed to have made off with 1.4 terabytes of data.
- Finally, in June 2021, reports emerged of hackers leveraging a feature within modern vehicle Engine Control Units (ECUs) to target other ECUs for the first time remotely.
Number of Cyber Security Attacks in the Automotive Sector
- From January 2022 to March 2023, there has been a fluctuating trend in the monthly number of cyber-attacks on automotive production companies worldwide.
- In January 2022, there were 27 reported attacks, marking a relatively high point. However, this number decreased to 20 in March 2022.
- By March 2023, the number of attacks further decreased to 11, suggesting a potential decline in cyber threats to automotive production companies during this period.
Number of Common Vulnerabilities and Exposures (CVEs) in Automotive Companies
- The annual count of Common Vulnerabilities and Exposures (CVEs) affecting automotive companies worldwide saw a noticeable upward trend from 2019 to 2022.
- In 2019, there were 24 recorded CVEs in the automotive sector.
- The following year, in 2020, this number increased to 33, indicating a growing vulnerability landscape.
- This trend continued into 2022, with the number of CVEs reaching 151, underscoring the increasing importance of cybersecurity measures in addressing vulnerabilities and threats in the automotive sector.
Impact of Cybercrime on Automotive Companies
- From 2010 to 2022, cybercrime has had a notable impact on automotive companies worldwide, with various types of attacks affecting the industry.
- Data and privacy breaches emerged as the most prevalent, accounting for 31% of reported cyber incidents.
- These breaches not only jeopardize sensitive information but also erode consumer trust. Service and business disruptions were a significant concern at 23%, disrupting operations and causing financial losses.
- Vehicle theft and break-ins, alongside control over vehicle systems, each accounted for 23% of attacks, highlighting the vulnerability of connected vehicles.
- Fraud, manipulation of car systems, location tracking, and policy violations collectively represented 10% of cybercrime impacts.
Cyber Incident Impact Distribution of Automotive Supply Chain Parties
- In the first half of 2022, cyber incidents had a discernible impact on various automotive supply chain parties worldwide.
- Suppliers bore the brunt of these incidents, accounting for the majority at 67.3%.
- This underscores suppliers’ critical role in the automotive ecosystem and susceptibility to cyberattacks.
- Dealers, while less affected, still represented a significant share at 17.3%, indicating vulnerabilities within the retail end of the supply chain.
- Third-party entities, including service providers and partners, comprised 9.6% of those impacted, emphasizing the interconnected nature of the automotive industry.