Cyberattacks on the automotive industry surged in 2024, exposing a growing gap between security measures and the evolving tactics of hackers. A new report from Upstream revealed a sharp rise in cybersecurity incidents, jumping from 295 in 2023 to 409 last year — a troubling increase driven largely by ransomware attacks:

“Ransomware threats are projected to evolve, extending beyond traditional enterprise IT systems to compromise products, OT, and Smart Mobility devices. This shift poses critical risks to safety, operational availability, and the security of sensitive mobility data.”

These attacks, among the most disruptive and costly, crippled business operations and compromised sensitive data. Over 60 percent of cyber events affected millions of assets, including vehicles, charging stations, and apps. Large-scale attacks impacting millions of vehicles rose from 5 percent to 19 percent in just a year.

The report also found that 59 percent of incidents involved data and privacy breaches, while 55 percent disrupted business operations. Hackers frequently targeted telematics systems and application servers, allowing them to disable vehicle controls, turn off tracking, and even unlock cars remotely. Alarmingly, 92% of attacks were executed remotely, with 84% occurring over long distances.

The CDK Global ransomware attack in 2023, which shut down 15,000 US dealerships for three weeks, showed the devastating impact of cyber threats. Now, with hackers using AI-driven tactics to infiltrate vehicles, apps, and interconnected systems, automakers face an urgent challenge.

As cyber threats grow faster than the industry can respond, manufacturers and tech firms must act quickly to strengthen digital defenses and close security gaps before the next major attack.