aBr Automotive Business Review Nov/Dec 2025 | Page 19

These systems, managed by manufacturers or third parties like taxi fleets or charging networks, face risks such as fake updates, illegitimate commands from C&C servers, data breaches or malware infections, potentially leading to driver assist system malfunctions, inability to unlock/start vehicles or infotainment failures. Attacks can exploit weak authentication, poor code quality or any insecure architecture aspect (vehicle functions and systems, services, communication, software and hardware components), which could cause data theft, manipulation or loss.
For manufacturers, unaddressed vulnerabilities in vehicles or infrastructure pose long-term risks, including costly recalls or security overhauls, emphasising the need for robust cybersecurity measures. Through infrastructure security manufacturers can boost vehicle security and vehicle safety, which results in a safer driving experience.
RISKS FOR THE MANUFACTURER’S ICT INFRASTRUCTURE
Vehicle manufacturers’ ICT infrastructure, encompassing back-office systems, R&D, production and supporting servers, faces significant cybersecurity risks that can disrupt operations and incur substantial costs. Cyberattacks, such as the 2023 ransomware attack on Kendrion and the SAF-HOLLAND SE incident, which halted production and caused revenue losses of approximately €40 million, highlight vulnerabilities that can lead to production delays, malware infections in firmware and leaks of sensitive design or intellectual property data. These disruptions threaten strict model release deadlines, potentially compromising code quality, increasing technical debt or forcing inadequate security measures. While most risks are short-term, such as ransomware or data theft, long-term threats like malicious code or backdoors persist, emphasising the need for robust cybersecurity to safeguard critical manufacturing and development processes.
RISKS ASSOCIATED WITH SUPPLY CHAINS
Cybersecurity risks in vehicle manufacturers’ supply chains lead to potential disruptions and compromised components. Limited transparency about third-party components, insecure development practices, delayed vulnerability notifications and unpatched systems can introduce risks like critical vulnerabilities in firmware or unfulfilled supply obligations, causing production delays or halts. Vehicle manufacturers must allocate extra resources to test and mitigate these risks, while UN Regulation 155 urges them to evaluate suppliers. ISO/SAE 21434 recommends evaluating second-tier suppliers as well, and also recommends drawing up a cybersecurity interface agreement that describes the duties and responsibilities of the supplier and the vehicle manufacturer. If the supplier cannot do something, the manufacturer must implement protective measures on its side.
HOW CAR MANUFACTURERS TEST THE RESILIENCE OF SYSTEMS TO CYBERATTACKS
Car manufacturers can test their vehicles for cyberattack vulnerabilities through a combination of in-house and outsourced efforts, with a strong emphasis on secure development practices. They can partner with specialised cybersecurity firms to conduct penetration testing, vulnerability assessments and simulated cyberattacks on vehicle systems, including infotainment, telematics and autonomous driving components. These third-party experts employ advanced techniques to identify weaknesses in software and hardware. Outsourcing allows manufacturers to leverage cutting-edge expertise and stay ahead of evolving threats, as cybersecurity is a highly specialised field requiring constant updates to counter new attack vectors.
In parallel, carmakers should integrate secure development practices into their production processes to proactively minimise vulnerabilities. This involves adopting frameworks like ISO/SAE 21434, which emphasises the need for cybersecurity risk management throughout the vehicle lifecycle, from design to decommissioning. Secure coding standards, regular software audits, threat modeling, and threat analysis and risk assessment are embedded into design and development to ensure systems are built with resilience against attacks. By combining outsourced security testing with a robust secure development lifecycle, manufacturers aim to deliver vehicles that are both innovative and protected against cyber threats, addressing the growing complexity of connected and autonomous cars.
ENTER SECURE-BY-DESIGN
Secure-by-Design systems, such as those developed by Kaspersky, embed cybersecurity into the core architecture of automotive systems from the initial design phase, significantly enhancing vehicle security against cyber threats. By implementing principles like secure coding, robust authentication and in-vehicle network segmentation, these systems minimise vulnerabilities in critical components like advanced driver assistance systems, infotainment and telematics, as well as in supporting infrastructure like over-the-air update servers.
Automotive solutions like KasperskyOS provide a secure operating environment that isolates critical functions and restricts unauthorised access, reducing the risk of attacks such as remote hijacking or data breaches. Threat intelligence from Kaspersky ICS CERT enables vehicle manufacturers to stay ahead of trends and threats in cybersecurity by providing real-time insights into vulnerabilities, attack patterns, and emerging risks, allowing proactive mitigation and robust protection of connected vehicle systems.