New study “Shifting Gears 2025” reveals alarming cyber threats to the automotive industry
The current study “Shifting Gears 2025” by cybersecurity experts VicOne analyzes the increasing cyber threats in the automotive sector. With the rapid development of software-defined vehicles (SDVs) and AI-powered innovations, cyber risks are growing exponentially. In January 2024 alone, 297 cyberattacks on IT systems of automotive companies were recorded worldwide, causing over US$22 billion in damages.
Especially critical: 83% of vulnerabilities were found in vehicle-internal systems such as onboard networks, infotainment, and driver assistance. The ongoing connectivity, particularly in the area of e-mobility and autonomous driving, opens up new attack surfaces – from insecure charging stations to “prompt injection” attacks on voice assistant systems.
Key KPIs and threat trends
- 530 newly discovered vulnerabilities (2024): Significant increase due to connected features.
- 297 recorded cyberattacks: Mainly affect suppliers and dealers (56.9%), OEMs at 9.8%.
- Over US$22 billion in damages: Caused by ransomware, data leaks, and operational disruptions.
- 83% of vulnerabilities: Affect onboard networks and in-car systems.
- Top threats: Supply chain vulnerabilities (1,564 cases), third-party integration (308), vehicle takeovers (295).
- Regional distribution: Over half of attacks in North and Latin America; followed by Europe and Asia.
Regulatory requirements and Security by Design
Political and normative requirements are increasing:
- ISO/SAE 21434: Cybersecurity risk management.
- UNECE-R155: Cybersecurity management system.
- TISAX audits: Information security for suppliers.
Manufacturers and Tier-1 suppliers must consistently implement Security by Design – from the concept phase to series production. Only firmly established threat analyses and continuous risk assessments in the development process can secure approvals and create trust.
CYKEN CEO Ismail Özer calls for a rethink
“These alarming figures should shake up everyone responsible,” warns Ismail Özer, CEO of CYKEN GmbH. “Security must be firmly anchored in the development process from the very beginning. OEMs and suppliers must not only react after incidents – Security by Design and continuous risk analyses are mandatory to protect innovation and consumer trust.”
Act now: Cybersecurity check and whitepaper
The complete VicOne report “Shifting Gears 2025 – Automotive Cybersecurity Report” is now available for download. Tech decision-makers, OEMs, and suppliers will find in-depth analyses and recommendations for action. CYKEN also recommends a free cybersecurity check to identify risks in your own system.
Interested companies can find information on the CYKEN website, download expert whitepapers, or contact them directly. Act now and strengthen your cyber resilience!
Contact: E-mail: info@cyken.de – Get the whitepaper & cybersecurity check now.