Escalating Cyber Menaces, Artificial Intelligence, and Hacking Attacks in the Automotive Sector Causing Financial Losses Worth Billions
In the rapidly evolving world of automotive technology, a new report from VicOne, a leading automotive cybersecurity firm, warns of escalating threats that are no longer theoretical but increasingly inevitable. The "Shifting Gears: VicOne 2025 Automotive Cybersecurity Report" sheds light on the growing attack surface as the industry moves towards software-defined vehicles (SDVs).
Over the past four years, there has been a staggering 600% increase in vehicle-related cyberattacks. These attacks have become more sophisticated and scalable, targeting the very heart of modern vehicles – software. Given the 12-15 year operational lifespan of a vehicle, cybersecurity has become a long-term commitment.
Vulnerabilities include risks associated with third-party software components and suppliers, necessitating enforcement of transparency (via Software Bill of Materials (SBOMs) and Motor Vehicle Software Bill of Materials (MLBOMs)) and stringent vulnerability checks. Intrusion risks target in-vehicle communication protocols like CAN, LIN, and Ethernet, necessitating real-time intrusion detection systems (IDS). Network security challenges arise around vehicle gateways and APIs, which are common targets for attacks.
The electric vehicle (EV) charging infrastructure also faces increasing cyber threats. To secure charge points and supply equipment, a multilayered protection strategy is essential. The industry is adopting Security Orchestration, Automation, and Response (SOAR) systems to reduce latency in handling threats and improve real-time incident responses in EVSE networks. EV charging systems require protection against evolving attack methods to ensure safe and reliable charging operations.
AI-powered vehicle systems, such as smart cockpits, pose risks related to sensitive data leaks and unauthorized data access. To mitigate these risks, VicOne recommends implementing secure AI design principles, limiting AI data access to the minimum necessary, encryption of sensitive training data, and thorough usage auditing to comply with privacy regulations. The establishment of dedicated AI governance teams aligned with frameworks like the NIST AI Risk Management Framework is necessary to systematically manage AI-related cybersecurity risks.
AI and machine learning are also increasingly leveraged defensively to detect unusual behaviors and automate threat responses within vehicles. The industry is moving towards software-centric security models with over-the-air (OTA) updates playing a critical role in continuous vulnerability mitigation across the vehicle lifecycle. The adoption of the Zero Trust security model mandates constant verification of all vehicle communications regardless of origin, enhancing security posture.
Exploration of blockchain technology to maintain data integrity and tamper-proof vehicle data logs is underway, especially for shared mobility and fleet management scenarios. However, a pressing concern is the security of large language models (LLMs), the backbone of generative AI. Factors like unsecure plug-in designs, flawed output handling, and adversarial attacks make the security of LLMs a critical issue.
In 2024, the number of automotive-related software vulnerabilities, known as Common Vulnerabilities and Exposures (CVEs), climbed to 530, nearly double the total recorded in 2019. Cybercriminals are using dark-web forums to exchange stolen vehicle data and advanced hacking techniques, with the latest vulnerabilities increasingly concentrated in in-vehicle infotainment (IVI) platforms, operating systems, and electric vehicle (EV) charging infrastructure.
The report warns that AI-enabled systems are vulnerable to misuse and abuse at various stages of their lifecycle. The widespread use of AI in the automotive industry is reshaping governance structures, raising questions about liability and risk management, and challenging traditional brand identities.
Flaws have been revealed in electric vehicle charging infrastructure, including outdated communication protocols and insecure payment systems. In June 2024, a ransomware attack on a dealership software provider disrupted operations at over 15,000 North American dealerships. In Pwn2Own Automotive 2025, security researchers uncovered 49 previously unknown vulnerabilities, with the majority affecting IVI and EV charging systems.
The VicOne 2025 Automotive Cybersecurity Report paints a picture of a rapidly evolving threat landscape characterized by increasing cyberattacks on vehicles and their software ecosystems, vulnerabilities in EV charging infrastructure, and complex AI system risks. Addressing these requires integrated technical, organizational, and governance strategies spanning the entire automotive value chain. The report is available for download.
- The automotive industry, with its shift towards software-defined vehicles (SDVs), is experiencing a growing attack surface, as highlighted in the VicOne 2025 Automotive Cybersecurity Report.
- As vehicle-related cyberattacks have skyrocketed by 600% over the past four years, focusing on software vulnerabilities, cybersecurity has become a long-term commitment in the automotive sector.
- Enforcement of transparency through Software Bill of Materials (SBOMs) and Motor Vehicle Software Bill of Materials (MLBOMs) is essential to address vulnerabilities associated with third-party software components and suppliers.
- As electric vehicle (EV) charging infrastructure faces increasing cyber threats, the adoption of Security Orchestration, Automation, and Response (SOAR) systems is crucial for handling threats and improving real-time incident responses in EVSE networks.
