Ransomware attacks on auto industry rise, the security steps you need to take now - CBT News

TSLA428.35016.56%GM78.8000.39%F12.3250.145%RIVN14.2200.045%CYD46.2402.51%HMC24.5100.45%TM187.530-1.47%CVNA77.940-2.064%PAG173.8102.2%LAD293.9902.89%AN205.9700.68%GPI357.8307.67%ABG200.390-0.06%SAH81.2001.07%TSLA428.35016.56%GM78.8000.39%F12.3250.145%RIVN14.2200.045%CYD46.2402.51%HMC24.5100.45%TM187.530-1.47%CVNA77.940-2.064%PAG173.8102.2%LAD293.9902.89%AN205.9700.68%GPI357.8307.67%ABG200.390-0.06%SAH81.2001.07%TSLA428.35016.56%GM78.8000.39%F12.3250.145%RIVN14.2200.045%CYD46.2402.51%HMC24.5100.45%TM187.530-1.47%CVNA77.940-2.064%PAG173.8102.2%LAD293.9902.89%AN205.9700.68%GPI357.8307.67%ABG200.390-0.06%SAH81.2001.07% facebook instagram Linkedin TikTok Twitter Youtube Ransomware attacks on auto industry rise, the security steps you need to take now Ransomware attacks more than doubled in 2025, and the targets now include the vehicles themselves, says a new report from cybersecurity firm Halcyon. By Jason Becknell May 1, 2026 On the Dash: Ransomware attacks on the auto industry more than doubled in 2025, accounting for 44% of all cyber incidents. Suppliers are the weakest link, giving criminals a back door into OEM systems. Connected vehicles are now a direct target, with attackers seizing remote control of individual cars. Ransomware attacks targeting the automotive sector more than doubled in 2025, according to a new report by cybersecurity firm Halcyon. Ransomware is a type of cyberattack in which criminals infiltrate a company’s systems, encrypt its data, and demand payment to restore access. Those attacks made up almost half (44%) of all cyber incidents across the industry last year, the report found. The consequences have been severe. A ransomware attack halted all of Jaguar Land Rover’s global production for more than three weeks last October, causing an estimated $2.5 billion in economic damage. Sign up for CBT News’ daily newsletter and get the latest industry stories delivered straight to your inbox. A year earlier, BlackSuit, a Russia-linked criminal organization, took down operations at approximately 15,000 dealerships for two weeks after attacking the industry’s leading dealership management platform. The collective losses were estimated at $1 billion. Consumer data is also at risk. A compromised automotive IT provider in early 2025 exposed personal information on 2.7 million vehicle owners, including Social Security numbers. Why automakers and dealers are ransomware targets Cybersecurity analysts say criminals are targeting the auto industry for a simple reason: shutting it down is expensive. Automotive manufacturing runs on tight deadlines. When systems go down, the costs quickly add up. The math makes the auto industry one of the most attractive extortion targets for cybercriminals. The industry’s rapid embrace of connected technology made the problem worse. Vehicle platforms, over-the-air software updates, and cloud-based systems all created new targets for the attackers. In 2025, attackers used telematics systems, cloud platforms, or APIs as their primary entry point in 67% of the incidents surveyed, according to Halcyon. Suppliers are the weakest link Most automotive cyber incidents in 2024 hit third-party providers, not the OEMs themselves. Smaller suppliers often hold privileged access to OEM systems. They rarely have the cybersecurity budgets to match that access. Criminals know it. In early 2025, the criminal group Qilin stole more than 500GB of engineering blueprints and supplier agreements from a Japanese precision parts manufacturer. Separate incidents hit suppliers in Italy and Australia during the same period. Breaching a supplier can open a back door straight into an OEM’s systems. The security is weaker. The access is real. And the potential damage runs up the entire supply chain. Connected cars at risk for cyberattacks Ransomware attacks are no longer limited to corporate networks and back-office systems. Criminals are coming for the vehicles themselves. As vehicles come with more connectivity, they are becoming more vulnerable to attack. In June 2025, attackers seized remote control of individual vehicles in Russia. They locked owners out, controlled windows, doors, and engine starts, and demanded ransoms to restore access. The attackers got in through cloned SIMs, expired virtual numbers, and revoked dealer logins. They exploited weak app-registration practices tied to unofficial imports of a specific Chinese vehicle brand. What dealers and automakers need to do now Halcyon’s report urges the industry to invest in cybersecurity measures to combat cybercrime and offers some tips to help keep attackers out: Phishing-resistant, multi-factor authentication for all remote systems and secure accounts. Scrutinize third-party suppliers for potential security issues. Systems should be in place to help detect unusual activity in all networks. Keep offline backups and update and test them regularly. Companies should assume a breach is coming and build systems capable of identifying unusual activity quickly. Finding an attacker early limits the damage. Waiting until systems are encrypted does not. Tagsautomotive industry dealership news automotive news auto industry news automotive industry news More from Industry News NADA urges Congress to reject REPAIR Act as bill advances to House committee Jason Becknell - May 8, 2026 On the Dash: NADA is urging Congress to vote against the REPAIR Act, calling the legislation unnecessary and a data privacy threat. The REPAIR Act advanced out of subcommittee in... Industry News Articles Auto trade groups urge USMCA extension as tariff pressures reshape industry Colin Fitzpatrick - May 8, 2026 On the Dash: Dealers depend on USMCA stability to maintain predictable vehicle pricing and supply across North America. Any fragmentation of the trade agreement could raise costs and complicate sourcing... Industry News Articles Honda extends lifecycle of five models through end of decade Jason Becknell - May 7, 2026 On the Dash: Honda dealers may face several years of aging inventory, increasing reliance on incentives and tighter margins to stay competitive. Honda is delaying major redesigns while shifting focus... Automotive News Industry News Lawmakers warn Chinese auto expansion threatens U.S. manufacturing Ashby Lincoln - May 7, 2026 On the Dash: Potential restrictions on Chinese automakers could reshape future EV competition and pricing in the U.S. market Ongoing trade tensions may create continued uncertainty around sourcing, tariffs, and... Industry News Articles Previous article Next article Latest Articles Latest Articles 05/09/26 Weekly roundup: Trump threatens 25% tariffs on EU auto imports, Ford accelerates secret $30K EV truck, 14 VW dealers protest Scout’s direct sales approach Latest Articles 05/08/26 NADA urges Congress to reject REPAIR Act as bill advances to House committee Latest Articles 05/08/26 Toyota Indiana: A real-life field of dreams Latest Articles 05/08/26 Auto groups push USMCA extension, Stellantis expands EV push, Toyota misses profit estimates Latest Articles 05/08/26 Fette Auto Group acquires Leo Kaytes Ford in Warwick, New York Latest Articles 05/08/26 Auto trade groups urge USMCA extension as tariff pressures reshape industry Latest Articles 05/08/26 Stellantis, Leapmotor expand partnership with