US Automakers Were Leading Targets for Hackers in 2018: FBI

It’s one of the world’s most valuable industries—in ways good and bad.

byChris Chin|
US Automakers Were Leading Targets for Hackers in 2018: FBI

As new cars continue to become even more computerized and wirelessly connected, an increasingly relevant concern arises: what about hackers? It may sound like a problem created by science fiction, but as automakers push for connected vehicles that retain customer data, cybersecurity is more important than ever. This statement is bolstered by a recent FBI report that claims the U.S. auto industry was one of the leading targets for malicious hackers in 2018. 

The recent rise in attacks has "resulted in ransomware infections, data breaches leading to the exfiltration of personally identifiable information, and unauthorized access to enterprise networks," the FBI told media, including those at CNN who reported on the matter Wednesday.

"The automotive industry likely will face a wide range of cyber threats and malicious activity in the near future as the vast amount of data collected by Internet-connected vehicles and autonomous vehicles become a highly valued target for nation-state and financially motivated actors,” the statement continued.

The FBI didn’t say whether the cyberattacks were backed by foreign states or private parties. However, the agency did disclose that hackers have repeatedly and successfully compromised the computer systems of U.S.-based automakers in recent years using “brute force” attacks. This led to the hackers gaining access to unsuspecting email lists and other compromises of sensitive data belonging to a multitude of companies. In more than one case, hackers even initiated fraudulent wire transfers.

While automakers may be the victim of data security compromises, the hacking of user and company data isn’t the only concern.

Back in 2016, auto-related cybersecurity was brought into the limelight by software developers Charlie Miller and Chris Valasek. In their groundbreaking experiment, the duo was able to commandeer the electric steering and brake control of a Jeep Cherokee at the time by wirelessly hacking into the car’s main computer through an OBD-II connector. This then prompted Fiat-Chrysler Automobiles to issue a major 1.4-million-vehicle recall over software security issues.

Wireless connectivity features aren't necessarily new to the automobile as they've been around in one way or another since the 1990s. But as cars now come with cellular network-based WiFi hotspots, satellite connections, and other wireless data infrastructure such as V2X communication, it also opens the door for malicious attacks.