Cybersecurity threats continue to cast a dark shadow over the automotive industry, as recent incidents highlight the industry's vulnerability to malicious attacks. From high-profile ransomware breaches to data breaches and control system infiltrations, the automotive sector faces significant challenges in safeguarding its digital infrastructure. The upcoming implementation of the NIS2 directive in the automotive industry aims to enhance cyber resilience and mitigate the financial and reputational damage caused by cyber incidents. Urgent action is required to safeguard the industry's digital infrastructure from increasing cybersecurity threats.


According to industry reports, the automotive sector has witnessed a staggering increase of 225%1 in cyberattacks over the past three years. Remote cyberattacks account for the majority, making up 85% of all incidents2. Back-end servers are a prime target, with 40% of attacks directed towards them. The projected financial losses due to cyberattacks in the industry are estimated to reach up to $505 billion by 20243. Such figures underscore the pressing need for robust cybersecurity measures and a comprehensive approach to ensure the security of both automotive companies and their customers. As the automotive industry continues its digital transformation journey, proactive steps must be taken to fortify defences and stay one step ahead of cybercriminals.

These cyberattacks illustrate the damages that automotive companies can endure. From financial losses and operational disruptions to reputational harm and compromised safety, the repercussions of such attacks extend far beyond the immediate financial impact. They highlight the high stakes involved in securing the automotive industry against cyber threats and the importance of implementing comprehensive cybersecurity measures.

Why is the Automotive Industry Targeted, and What Can Attackers Gain?

The automotive industry has become an attractive target for cybercriminals due to its growing reliance on technology and connectivity. As vehicles become increasingly integrated with advanced systems and connected to external networks, they present an attractive target for hackers to exploit. From infotainment systems to autonomous driving capabilities, every component of a modern vehicle represents a potential entry point for cyberattacks. The vulnerability of the automotive industry is further compounded by the highly digitized and robotized manufacturing facilities. These facilities rely on interconnected systems and automation, creating additional points of entry for malicious actors. A notable example that demonstrates the potential consequences is the 2014 cyber attack on a steel mill in Germany. In this incident, attackers gained access to the control systems through booby-trapped emails, resulting in critical failures within the plant and the inability to shut down a blast furnace as intended. 

The motivation for hackers targeting the automotive industry is twofold: financial gain and data exploitation. By infiltrating automotive systems, malicious actors can gain control over critical functions like steering, braking, and acceleration, potentially causing accidents or holding vehicles hostage for ransom. Additionally, the wealth of data generated by connected vehicles, including personal information and geolocation data, has become a lucrative target for cybercriminals involved in identity theft, financial fraud, or even state-sponsored espionage.

Not only are vehicle manufacturers at risk, but the intelligent transport systems (ITS) that support the automotive ecosystem also face significant threats. ITS are systems in which information and communication technologies are applied in the field of road transport, including infrastructure, vehicles and users, and in traffic management and mobility management, as well as for interfaces with other modes of transport. ITS forms a complex web that, if compromised, can lead to widespread disruptions, accidents, and even targeted sabotage.

Moreover, the consequences of a cyber incident on an automotive factory can be severe. Manufacturing facilities in the automotive industry are highly reliant on digital systems and automation. A successful cyberattack on such a facility can disrupt production processes, compromise quality control, and lead to significant financial losses. The compromised integrity of manufacturing systems can result in faulty or compromised components, affecting vehicle safety and reliability.

Furthermore, a cyber incident in an automotive factory can have far-reaching impacts, including supply chain disruptions, theft of intellectual property and personal data, delayed deliveries, and reputational damage. The ripple effects may extend to dealerships, suppliers, and even customers who rely on the timely availability of vehicles and spare parts.

NIS2: Ensuring Cyber Resilience in the Automotive Sector

Recognizing the pressing need to enhance cybersecurity resilience, the European Union has implemented the Network and Information Systems Directive 2 (NIS2). This directive seeks to ensure the resilience of infrastructure sectors, including the automotive industry, against cyber threats. Compliance with NIS2 is mandatory for organizations operating in Europe and requires them to adopt proactive measures to manage risks, prevent cybersecurity incidents, and promptly respond to any breaches that may occur.

Under the NIS2 directive, the automotive industry is divided into two distinct categories: High Criticality Sectors and Other Critical Sectors. The High Criticality Sectors include operators of Intelligent Transport Systems (ITS) who are responsible for managing and operating the interconnected systems involved in road transport, traffic management, and mobility management. These entities play a crucial role in ensuring the secure and efficient functioning of the ITS infrastructure. On the other hand, the Other Critical Sectors encompass entities engaged in the manufacture of motor vehicles, trailers, semi-trailers, or other transport equipment. These entities are tasked with producing and assembling vehicles and related equipment, and they are obligated to comply with the cybersecurity obligations specified in the NIS2 directive.

Under the NIS2 directive, entities in the automotive industry must comply with cybersecurity measures such as risk analysis, information system security policies, incident handling, and basic cyber hygiene practices. Failure to comply can result in penalties exceeding 2% of worldwide turnover, as well as management and personal liability. Non-compliance also carries the risk of significant reputational damage, which is challenging to recover from. It is vital for automotive entities to prioritize cybersecurity, adhere to the NIS2 directive, and maintain the trust of customers, stakeholders, and the public.

What Can You Do: Taking Proactive Steps and Seeking Expert Assistance

In the face of the escalating cyber threat landscape, automotive companies must take proactive steps. Regular software and firmware updates, access control policies and asset management, and comprehensive employee training programs are some of the measures that can significantly bolster resilience against cyberattacks.

However, given the complexity and constantly evolving nature of cybersecurity and regulation, seeking the expertise of specialized consultants is crucial. These professionals can assist automotive companies in conducting thorough risk assessments, developing tailored cybersecurity strategies, and implementing robust security controls. By leveraging the knowledge and experience of consultants well-versed in the unique challenges faced by the automotive industry, companies can stay ahead of cybercriminals, mitigate risks effectively, and safeguard their operations and customers. Compliance with regulations like NIS2, coupled with proactive measures and expert guidance, can empower automotive companies to combat cyber threats effectively and ensure the safety and trust of drivers and passengers.\


1 According to SAE International, a global association committed to the engineering profession.
2 According to Verizon’s 2022 Data Breaches Investigations Report, 82% of data breaches involved a human element.
3 According to research of Yahoo Finance