Steering Clear

VicOne 2022 Automotive Cybersecurity Report

November 29, 2022
Automotive Cybersecurity in 2022 Download Automotive Cybersecurity in 2022: VicOne Report

Energy production around the world has evolved quickly over the past couple of years, spurred on by an energy crisis that affected many different countries. The automotive industry has kept up with these changes, especially in terms of electric vehicles (EV) and EV technology. However, this rapid evolution leaves certain security gaps that attackers can use to victimize car makers, their suppliers, and car owners.

In our report, we investigate the cyberthreats that have been launched on the automotive industry in 2021 and 2022. We dig into the most prominent attacks, point out high-risk areas that could be targeted in the future, and give our security recommendations and predictions for 2023.

Critical cyberattacks on the automotive industry

Many media outlets discussed automotive security, and in 2022 we noticed that keyless issues were often reported. Keyless technology is an intuitive entry point for criminals since this technology can unlock the door to a car or start the engine without physically inserting a key.

We also investigated over 50 significant security events to show the range of cyberattacks on the industry. These attacks affect different levels of the industry from supplier to vendor, and show that cybersecurity issues are present at almost every production stage. Incidents also happened several times each month without exception.

The most affected sector in the automotive industry are the suppliers.

Out of the cybersecurity incidents we investigated,
67.3% cases involved suppliers.

Attacks on suppliers mean that production is suspended or stopped during these incidents.

Recovery time is lengthy because most suppliers don't have a plan for handling such attacks.

What are the major types of incidents?

Cybersecurity incidents affect many different organizations in industries all over the world. Within the automotive industry in the past two years, we see that there are two types of attacks that affect companies. The most common attack is ransomware, followed by data breaches.

Ransomware is a type of malware that prevents or limits users from accessing their systems.

It locks the system's screen or encrypts users' files until a ransom is paid.

32.6% of ransomware incidents we investigated within the automotive industry were connected to the Conti family.

A data breach is an incident in which information is stolen from a system without its owner's knowledge or authorization.

Depending on the type of data and from whom it is stolen, a data breach can have far-reaching consequences.

It can affect the lives of customers and an organization's reputation.

Data-breach incidents in the automotive industry from January 2021 to June 2022
chart lergend

Identified and increasingly
high-risk areas

  • EV charging stations EV charging
  • Cloud APIs Cloud
  • Remote keyless entry (RKE) Remote keyless
    entry (RKE)

Security recommendations

Many of the threats that we highlighted in the preceding sections are well-known in the cybersecurity industry, and automotive organizations should use existing practices from other industries to create a tailored plan for their specific needs. Here are some security recommendations that those in the automotive industry should know:

security while developing rapidly

Although there are various kinds of open-source software that can be used to build car software quickly, these often do not include security. Real progress is about maintaining security while also developing rapidly.

Over-the-air (OTA) updates

Over-the-air (OTA) updates are an indispensable part of modern vehicle design as they increase safety and save possible costs in the future.

vehicle security operations center

Modern vehicles have plenty of electronic equipment and are actually powerful computers on wheels. Taking this into consideration, there should be real-time reporting of the vehicle’s situation. This helps identify possible problems and prevent future issues. The existence of vehicle security operations center (VSOC) has also become indispensable.


The year ahead looks to be exciting for the automotive industry, especially in terms of EVs and new technology elevating user experience. Unfortunately, with change and innovation come security gaps and new issues. The following are some of our predictions for the automotive security landscape of 2023.

Ransomware will continue to affect the automotive supply chain.

Open-source vulnerabilities will affect more within the automotive industry.

Radio signal attacks (replay, relay, jamming, man-in-the-middle, and more) will increase.

Malware will be implanted into in-vehicle infotainment or telematic control unit (TCU) systems.

There will be chip-level vulnerabilities and attacks since the chip-level design is not secure.

Hackers will exploit OTA to compromise the flow or implant malicious code into upgraded software.

Attackers can bypass the digital locks that manufacturers impose on vehicles.

To learn more about these topics, as well as other cybersecurity issues connected to the automotive industry, download “Automotive Cybersecurity in 2022: VicOne Report.”