Vehicle cybersecurity under scrutiny as major hacking attempts triple in 2024

Massive-scale global incidents from hackers targeting connected vehicles and mobility services tripled from 5% to 19% in 2024, according to a data security management specialist.

US-based Upstream Security said this sharp increase highlights the need for organisations to prioritise resilience by extending their cybersecurity efforts beyond regulatory compliance.

The 2025 Automotive & Smart Mobility Cybersecurity Report revealed that in 2024, 60% of cybersecurity incidents in the automotive and smart mobility sectors affected thousands to millions of mobility assets, including vehicles, EV charging stations, smart mobility apps, and connected devices.

Ransom attacks

Mobility-specific ransomware attacks surged in 2024 causing unprecedented disruptions with 108 reported ransom attacks and 214 data breaches.

One of the most impactful incidents was a ransomware attack in June on a leading US-based software provider used by 15,000 automotive dealerships which resulted in halted operations for nearly three weeks, estimating losses at $1.02 billion (£820 million).

Cyberattacks in 2024 became more sophisticated and frequent, targeting vehicles and backend systems, as well as smart mobility platforms, devices, and applications.

Nearly two thirds (65%) of publicly reported cyber incidents were carried out by professional criminal hackers with malicious intent.

Nearly all (92%) of the attacks were executed remotely, supporting the surge in scale and impact, of which 85% were long-range and did not require any physical proximity to the targeted asset.

The ecosystem experienced a significant surge in telematics and application server attacks in 2024— 43% of incidents in 2023 rising to 66% in 2024.

Yoav Levy, chief executive and co-founder of Upstream, said: “The cybersecurity landscape across the automotive and smart mobility ecosystem is poised to become more complex than ever.

“Cyber threats are evolving faster than the industry is prepared to handle, outpacing regulation-driven measures.

“Threat actors have already shifted toward large-scale, sophisticated and AI-powered attack methods, targeting not only vehicles but also interconnected systems such as EV charging infrastructure, API-driven apps, and smart mobility IoT devices.

“This growing attack surface demands a transformative and proactive approach to cybersecurity.”