The growing use of digital systems in cars, trucks, and mobility services has made the automotive industry a new favorite target for hackers. Companies involved in making vehicles, supplying parts, and even selling them are now dealing with a sudden rise in cyberattacks, many of which are leading to heavy losses.
A recent report by cybersecurity firm Upstream Security shows that these attacks are not only increasing but also affecting much larger groups of vehicles and connected systems. In 2024, nearly 60% of the reported incidents impacted thousands or even millions of assets—this includes vehicles, electric vehicle charging stations, smart driving apps, and other connected tools used in transportation.
Even more worrying is the spike in large-scale cyberattacks. Cases where millions of vehicles were hit at once rose sharply from 5% in 2023 to 19% in 2024. These massive events now account for almost 60% of all attacks recorded in the year.
Experts warn that attackers have changed their approach. Instead of just hacking into a single vehicle’s system, they now aim to cause widespread damage or steal large amounts of data. By doing so, they increase the pressure on companies to pay hefty ransoms to avoid public embarrassment or serious business disruption.
Jason Masker, a cybersecurity specialist from Upstream, explained that hackers often search for the most damaging way to force companies into paying them. If they can gain control of millions of vehicles or access sensitive information, they can easily threaten a company’s image and safety standards.
The report also shared a serious example of how hackers can even manipulate a car’s safety features. Researchers found that the radar used for adaptive cruise control— a system that keeps cars at a safe distance can be tricked. Hackers could make it appear that the vehicle ahead is speeding up when it isn’t, potentially causing a crash.
Several major cyber incidents have already occurred:
• A leading Japanese car company’s U.S. unit was targeted by ransomware, leaking 22GB of vehicle and customer data.
• A Chinese auto supplier suffered a large breach involving 1.2TB of sensitive information, affecting both local and global carmakers.
• In Italy, a German automaker’s branch faced a data breach that exposed private customer details.
The report further explains that traditional cyberattacks— like locking systems and demanding ransom, are slowly becoming less effective, as many companies have backups ready. Now, hackers prefer stealing data and threatening to leak it unless they’re paid.
What’s more concerning is the gap between what cybersecurity rules require and how prepared companies actually are. Many businesses falsely believe they are fully protected, while attackers continue finding new ways to break through.
Upstream Security suggests companies need to act beyond just following regulations. Safety, smooth operations, and protecting customer data must be prioritized.
To help prevent future attacks, Upstream monitors over 25 million vehicles worldwide, tracking billions of data points daily. They also watch online forums where cybercriminals sometimes plan their attacks.
Looking at the bigger picture, experts predict artificial intelligence will become a vital tool in spotting and blocking cyber threats quickly. As vehicles get more connected, the risk of cyberattacks is expected to grow, putting companies, drivers, and users of smart mobility systems at greater risk.
