Increase in Cyber Attacks on Automobiles More Than Tripled in 2024
Upstream Security's 2025 Automotive & Smart Mobility Cybersecurity Report reveals a significant increase in cyber threats in the automotive and smart mobility sectors.
In 2024, cyber attacks surged, with 60% of all attacks classified as having high or massive-scale impact. Remotely executed attacks dominated, constituting 92% of all incidents. One particularly devastating incident in June targeted a major U.S.-based software provider servicing 15,000 automotive dealerships, halting operations for nearly three weeks and resulting in estimated losses of $1.02 billion.
Mobility-specific ransomware attacks also surged, causing unprecedented disruptions, with 108 reported ransom attacks and 214 data breaches. Data and privacy-related incidents accounted for 60% of cases in 2024, marking a 20% increase from the previous year.
The proliferation of software-defined and autonomous vehicles has introduced new vulnerabilities, widening the cybersecurity gap. Critical infrastructure elements, including EV chargers and fleet management systems, have expanded the potential attack surface, amplifying risks.
The report highlights that in 2024, 60% of cybersecurity incidents within the automotive and smart mobility sectors impacted thousands to millions of assets. Over 76% of dark web activities targeted multiple stakeholders globally.
Software-defined vehicles (SDVs) present complex risks because their interconnected systems mean that vulnerabilities in one component—such as third-party apps or EV charging stations—can cascade throughout the entire vehicle network. This interdependency demands comprehensive, end-to-end cybersecurity testing covering the full supply chain, including chip manufacturers and service providers, conforming to international standards like ISO/SAE 21434 and UNECE WP.29.
The automotive intrusion detection systems (IDS) market is growing rapidly, driven by trends such as connected car expansion (with over 95% of new vehicles expected to be connected by 2030), adoption of autonomous driving (especially SAE Level 3+), regulatory mandates, and increased use of over-the-air (OTA) software updates and vehicle-to-everything (V2X) communications.
Emerging IDS capabilities include AI and machine learning-based intrusion detection that adapts to new threats, vehicle-to-cloud IDS for real-time monitoring with centralized management, and secure gateways with embedded security modules to protect critical ECUs and networks.
The report also notes the rising impact of generative AI (GenAI) used both by attackers to create sophisticated threats and by defenders to enhance threat detection and remediation, signaling an evolving cybersecurity arms race.
The compressed innovation cycles in the automotive industry—especially in EVs and SDVs—are causing reduced validation times, increasing the risk of unresolved software-related vulnerabilities and recalls. Upstream recommends leveraging connected vehicle data and AI-powered cloud platforms to improve proactive quality and cybersecurity strategies, thus reducing warranty costs and customer dissatisfaction.
The 2025 report explores China's Strategic Automotive Investments and their implications for global cybersecurity dynamics. It also investigates risks in EV Charging Infrastructure and emerging vulnerabilities as EV adoption grows. The report calls on automakers and mobility stakeholders to adopt holistic, forward-thinking cybersecurity strategies.
For those interested, the full 2025 Upstream Global Automotive & Smart Mobility Cybersecurity Report can be downloaded at https://upstream.auto/reports/global-automotive-cybersecurity-report/.
[1] Upstream Security, 2025 Automotive & Smart Mobility Cybersecurity Report. [2] MarketsandMarkets, Automotive Intrusion Detection Systems Market by Component, Vehicle Type, Application, and Region - Global Forecast to 2025. [3] Gartner, Emerging Technologies: Generative AI and Its Impact on Cybersecurity. [4] Cybersecurity Ventures, The 2025 Cybercrime Report. [5] Upstream Security, 2025 Automotive & Smart Mobility Cybersecurity Report.
In the fast-paced automotive and smart mobility sectors, where technology advancements are rampant, finance plays a significant role in managing the fallout from cyber attacks. According to Upstream Security's 2025 Automotive & Smart Mobility Cybersecurity Report, 60% of cybersecurity incidents impacted thousands to millions of assets in 2024, leading to estimated losses of $1.02 billion in one instance alone. With the growing adoption of software-defined vehicles and EV charging infrastructure, the need for robust fleet management systems that incorporate cybersecurity measures becomes paramount, especially as AI and machine learning-based intrusion detection capabilities emerge. This holistic, future-focused approach is necessary for stakeholders in the industry to keep pace with an increasingly complex and evolving cybersecurity landscape.
