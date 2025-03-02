Cyber ​​attacks against the ecosystem and automotive products and intelligent mobility grew by 39%, up to 409 incidents recorded and analyzed by the UPSTREAM cybersecurity data company published in its global cybersecurity report in automotive and intelligent mobility 2025.

The proportion of these attacks involving electric vehicle loaders increased to 6% from 4% in 2023. In this sense, Upstream explains that attacks They are increasingly common and higher risk As devices, applications and other tools communicate with each other, and vulnerability to an attack becomes greater.

The company details that the impact of cyber attack on the automotive and smart mobility ecosystem is increasing on scale.

Vehicle attacks They usually compromise sensitive databut they can also have high -range consequences, such as car theft, fraud and manipulation and control of vehicle systems, which can represent safety risks.

Incidents related to data and privacy represented 60% of the incidents in 2024. The percentage of incidents that involved the manipulation and control of vehicle systems increased “drastically” in 2024, representing more than 35% of cases, says UPSTREAM.

This increase can be attributed to several factors, indicates. First, the increase in research on electric vehicle loaders and infotainment systems, which has contributed significantly to this growth.

Upstream also points to open source software In areas such as autonomous vehicles and Internet mobility of things (IoT), including intelligent mobility (for example, telematic systems), smart cities systems (with traffic lights) and electric vehicle load infrastructure, has also promoted this upward trend.

Vehicle recharge

To all this, the electric vehicles They are increasing in number, as are concerns about cybersecurity of the electricity grid and the resilience of the load infrastructure.

While the rapid adoption of electric vehicles It has led to the rapid development of the load infrastructure, often ignoring the best practices and vulnerabilities of cybersecurity, the Specific regulations For electric vehicles they are still lagging behind, he warns.

Therefore, loaders are vulnerable to physical and remote manipulation that can control their functionality and expose users of electric vehicles to fraud, Data violations and even rescue attacks.

Electric vehicle load stations and load infrastructure are vulnerable to A wide range of threats of cybersecurity, since they depend on a complex infrastructure, interconnectivity and multiple data networks.

In this sense, UPSTREAM reveals that 59% of attacks on electric vehicle load stations in 2024 had the potential to affect millions of devices, including loaders, mobile applications, vehicles and more. 37% could have affected thousands of devices.

As an example, UPSTREAM details that in July 2024, the researchers found a Security vulnerability in electric vehicle load equipment. This vulnerability allows attackers to exploit communication protocols by electricity line (PLC) to obtain unauthorized access and interrupt the load of electric vehicles. The researchers obtained access to the network keys and digital addresses of the charger and the electric vehicle.

Also, in November 2024, an Italian electric vehicle cargo company launched a remote update for Correct security vulnerabilities in the ‘firmware’ of their loaders.

Failures allowed unauthorized access to system records, administrator privileges and execution of arbitrary commands through the loader web administration interface.

Although there were no personal data at risk, attackers could avoid load restrictions, access system configurations and launch service denial attacks. Users were recommended with no connection devices to update the patches through the mobile application.

Therefore, almost three quarters of the attacks on electric vehicle load stations identified by UPSTREAM implied interruptions of the service or business, which means that the computer pirates In most cases they could affect the functionality of the loaders.

Black hat hackers

Another point that highlights the study is that last year, 65% of the attacks received by the automotive sector were from ‘black hat hackers. Upstream explains that The ‘black hat hackers’ attack the systems to obtain personal, economic or malicious benefits.

The ‘black hat’ hackers are no longer lonely ‘malware’ developers, but They are usually part of well -organized operations And with sufficient resources, which use thousands of cybercriminals worldwide, capable of carrying out coordinated simultaneous attacks against multiple organizations.

The company indicates that the attacks of ‘black hat hackers’ in information technologies and in the automotive industry They differ greatly in their consequences and impact.

Malicious attacks in the automotive sector, which are closely related to cyber attacks against the Internet of things and critical infrastructure, such as health, energy and government facilities, not only cause interruptions in financial services and losses, but also can represent safety and safety risks Even the loss of liveswarns the company.

As an example, he details that in February 2024, the European division of a South Korean car manufacturer was a victim of a ransomware attack that interrupted its operations.

The attackers claimed to have extracted 3 TB (Terabytes) of data and shared images of stolen folders. The manufacturer confirmed the attack and collaborated with the authorities to recover and analyze the incident.

In June 2024, a ransomware attack affected a US Software Supplier provider used by 15,000 dealershipswhich resulted in the stoppage of its operations throughout the country for almost three weeks.