Cybersecurity Gaps Threatening the Automotive Industry: Insights from Upstream’s Report

Upstream’s 2025 Automotive Cybersecurity Report: A Wake-Up Call

As the automotive industry continues to embrace advanced technology, the risk of cyber threats grows alarmingly. According to the latest report from Upstream Security, 60 percent of all cyber incidents in 2024 are projected to impact thousands, if not millions, of connected vehicles. The alarming statistic underscores the pressing notion that the automotive ecosystem is experiencing unprecedented vulnerability, particularly in the era of increasing regulatory scrutiny.

Massive-Scale Incidents on the Rise

The 2025 report highlights a staggering increase in massive-scale incidents, with cases affecting millions of vehicles more than tripling—from 5 percent in 2023 to 19 percent last year. This stark rise calls attention to the failure of existing cybersecurity measures to keep pace with the rapidly evolving tactics of cybercriminals.

Data Breaches and Ransomware: The Threat Landscape

Among the report's findings, the number of documented incidents reached 409 in 2024, an increase from 295 in 2023, contributing to a cumulative total of 1,877 cases since 2010. Notably, data privacy-related breaches accounted for a whopping 60 percent of all incidents, with car system manipulation and control skyrocketing to make up over 35 percent of incidents. Ransomware attacks have emerged as a significant vector, frequently targeting the mobility sector, and raising alarms for dealership owners and automotive stakeholders.

The Cybersecurity Landscape: Challenges Ahead

Yoav Levy, CEO of Upstream, comments on the shifting dynamics of cyber threats, emphasizing that attackers are constantly evolving their methodologies. "Cyber threats are evolving faster than the industry is prepared to handle, outpacing regulation-driven measures," he stated. The increasing sophistication of attacks necessitates a systemic approach to enhance organizational resilience beyond mere compliance.

Global Events Fueling the Race for Resilience

Global forums like Pwn2Own Automotive 2025 unveil significant vulnerabilities within the sector, emphasizing the urgency behind addressing gaps in automotive cybersecurity. Earlier this year, 16 unique zero-day vulnerabilities were revealed at the contest, showcasing the continuous threat landscape that automotive cybersecurity experts must navigate.

Actionable Strategies for Dealerships and Automotive Stakeholders

For dealership owners and managers, the insights from Upstream's report serve as a roadmap for prioritizing cybersecurity investments. Since significant challenges loom ahead, organizations are advised to take meaningful strides towards protective measures such as:

• Investing in advanced cybersecurity infrastructure
• Encouraging employee training to recognize and respond to cyber threats
• Implementing proactive measures to shield customer data and vehicle systems