5 fascinating insights into the challenges the Motor Industry faces in Cyber Security in 2023
We are on a mission to support Motor Dealerships with their Cyber Security.
Here are five ways hackers are targeting dealerships. According to the Upstream Global Auto Report in 2018, there were only seventy-five cybersecurity incidents affecting the motor industry. By 2021 there were over two hundred and forty incidents. A three-fold jump in only four years. In this article, learn some of the threats and start to understand how to take action.
1 – Ensuring customer data is secure
As cars become more connected there is a stronger motivation for hackers to get the owner’s personal details. On purchase of the car you give all your information, name, address and banking details, you need your dealership to ensure that they are keeping those details safe, but as we have seen with Arnold Clarke recently that unfortunately isn’t always the case.
This is a security issue for the customers whatever car you are currently driving but it is potentially more worrying for connected cars. When you charge at an EV station data flows between the car and the charging device. Hackers take advantage of this by installing Malware, disabling charging stations and remote manipulation.
2 – Ensuring protection from a brute force attack
During a brute force attack a password-cracking method is used to determine account credentials. Motor Dealerships are targeted to steal customer data, and breach networks. Entire systems are targeted with the intention of creating faulty firmware, stealing huge amounts of data, and ultimately often ending in large-scale vehicle theft.
3 – Distributorships must implement a level of cyber-security
There are a huge number of Cyber Security weaknesses across the supply chain for the automotive industry. From car parts, and accessories to privately-owned dealerships relying on their own internal security. There are many ways in which a hacker can seek to obtain information by targeting any of these points in the supply chain. We know that 84.5% of attacks in the motor industry are remote – if you don’t have Cyber Security products in place, you can’t ‘see’ it coming until it is too late.
4 – Increasing motor industry cyber security events
There are new UN regulations requiring cyber security implementation, cyber security which is required to remain in place long after the car leaves the dealership. Based in the UK, we are focusing on getting the UK motor industry up to speed with their cyber security to ensure the dealership and their customer’s ongoing protection. If you want to take a deeper dive into the standards outlined by the United Nations Economic Commission for Europe (UNECE) take a look at ISO SAE/2134, UNECE WP.29 R155 and R156.
5 – Ransomware
We’ve heard of ransom-related attacks where a hacker holds an organisation’s data hostage. Motor dealership data is a top focus for these kinds of threats, the customer data obtained is a demographic that has significant value. Ransomware attacks affect IT systems and operations within a business, and loss of customer data is a brutal hit where consumer trust is lost.
The motor industry is fast becoming a significant target for hackers. We need to level up the security of the industry. There are excellent products designed to cover a whole host of potential threat. Email monitoring, staff training to spot and report malicious emails, plus better recovery after an event and alerts to prevent attacks as they occur.
It’s not a huge monthly cost, from as little as £10/user/month. Take a look at our packages and talk to us today to level up your security and protect yourselves and your customers.