Malicious attackers have notably stepped up attacks on the U.S. auto industry since late year, hitting car manufacturers with ransomware, compromising their systems, and exfiltrating their data, the FBI reportedly warned this week.
CNN on Wednesday reported that the FBI alert came in the form of a private bulletin sent to a select group of companies, advising them that bad actors are trying to leverage network vulnerabilities and techniques such as brute forcing and phishing to access and infiltrate their networks.
Several campaigns have already been successful, the FBI noted, according to the CNN report. For instance, attackers have accessed employee email accounts at multiple companies, and then created new mailbox rules to ensure that sensitive messages are automatically forwarded to attacker-controlled external email addresses.
Malicious hackers have not only stolen information, but they have also executed fraudulent wire transfers and launched disruptive ransomware attacks, the report continued, citing the FBI bulletin. In one case, the victim paid the ransom, but still never gained back accessed to the data it had lost.
What's more, the attack surface will only grow larger as more manufacturers invest in autonomous vehicle technology. "The automotive industry likely will face a wide range of cyber threats and malicious activity in the near future as the vast amount of data collected by internet-connected vehicles and autonomous vehicles become a highly valued target for nation-state and financially motivated actors," the FBI reportedly stated in its bulletin.
The bulletin reportedly did not elaborate on who is responsible for the attackers, or if a national-state-sponsored actor is involved.
"With more cyberattacks looming in the auto industry, companies need to deploy cyber defenses that are more effective. Unfortunately, perimeter security, stronger passwords, or even intrusion detection are still being bypassed due to sophisticated techniques and vulnerabilities," said Jonathan Deveaux, head of enterprise data protection at comforte AG, inn emailed comments. Since disruption of operations and stealing exploitable data are what bad actors are after, it would seem prudent to incorporate security that protects the data itself... A data-centric security approach helps organizations deploy data protection focused on security and maintaining privacy on the data itself."
"Hackers target anyone who is connected to the internet and disrupt companies by using methods like ransomware and phishing to monetize on sensitive business information. The automotive industry is unfortunately no exception to these criminal activities, so it's not surprising to hear that they are being targeted for cyberattacks like everyone else," said Elad Shapira, head of research at Panorays. "Like enterprises across all industries, the automotive industry must put in place cybersecurity processes and procedures to guard against such attacks. In particular, when an enterprise shares data or partners with other organizations, it needs to be aware not only of the risk directly posed to its systems, but the risk to its partners’ systems as well."
Javvad Malik, security awareness advocate at KnowBe4, said that for auto manufacturers, and all other organizations for that matter, "user awareness and training is is an essential part of protecting organizations. A strong security culture can help protect against attacks through phishing and also... reduce the likelihood that employees will use weak passwords or reuse passwords across different services."
"Beyond that companies should also have good monitoring and threat detection controls in place so that if they are breached, threats can be detected and remediated in a timely manner," Malik continued.