Report: Auto industry faces severe data breaches & ransomware threats

Sept. 14, 2021
Cyber-threats face car manufacturers due to publicly accessible sensitive information, including exposed credentials, assets and blueprints.

CybelAngel released the report “The Race Against External Threats in the Automotive Supply Chain,” which shows the automotive industry is at severe risk of ransomware attacks due to the availability of hundreds of thousands of exposed credentials online. The company conducted a six-month investigation of leading automotive companies to understand their cyber-exposure risk and vulnerabilities, analyzing assets that are publicly available without the need for authentication.

The investigation revealed that highly sensitive information was leaked, including trade secrets, personally identifiable information (PII), blueprints of engines and production facilities, confidential agreements, human-resources (HR) documents and more. These leaks are due to both employee internal threats and external security weaknesses across the automotive supply chain.

Data was found across file servers, email exchange servers, databases, pastebins and IoT devices. Key findings include:

  • A single vendor leaked nearly 200 pages of blueprints detailing the facility infrastructure and security system specifications.
  • A single facilities supplier leaked IP and documents from six different brands including blueprints and facility diagrams.
  • Out of a sample group of 2.2 million employees, roughly one in 10 employees have exposed publicly accessible credentials available online.
  • Out of 14 manufacturers (2.2 million employees), 60 million keyword matches with 800,000 alerts of brand names in documents hosted on exposed servers, clouds and databases.
  • Companies from the United States and Western Europe suffered the most exposed credentials. These credentials represent a major risk, as stolen, exposed, or reused credentials are exploited in 30% of ransomware attacks.
  • Researchers found 26,322 exposed assets with open ports or vulnerable protocols that needed to be closed immediately or monitored closely.

“The risks of exposed data cannot be overstated. Ransomware attacks, leaks, exposed assets and credentials put companies at risk of intellectual property theft, data theft, corporate espionage, fraud and regulations fines,” said Erwan Keraudy, CybelAngel CEO. “The automotive sector in particular is attractive to hackers because it has long, complex and interconnected supply chains with varying cybersecurity levels and therefore weak points. Now is the time for the automotive industry to take action to lock down data and safeguard credentials.”