Costly cyberattacks against various elements of the auto industry rose sharply last year as hackers ... [+] become more sophisticated, according to a new report from cybersecurity company Upstream.gettyThe rolling computers our cars and trucks have become, the companies that produce them and dealers who sell them have come under a sharp increase in costly cyberattacks according to a new report from cybersecurity company Upstream Security Inc.In 2024, 60% of cybersecurity incidents in the automotive and smart mobility sectors affected thousands to millions of mobility assets, including vehicles, EV charging stations, smart mobility apps, and connected devices, the 2025 Global Automotive and Smart Mobility Cybersecurity Report by Upstream revealed.In particular, massive-scale incidents, each impacting millions of vehicles, more than tripled, rising from 5% in 2023 to 19% in 2024, according to the report.Chart from Upstream report showing sharp increase in "high-massive" impact cybersecurity attacks ... [+] against the auto industry in 2024.UpstreamIndeed, massive-scale incidents continued to increase between 2023 and 2024, accounting for nearly 60% of all incidents, the report revealed.Jason Masker, director of solutions architecture at cybersecurity company Upstream Security Inc. Ed GarstenThese threat actors are looking for, what's the best leverage I have to get you to pay me. If that's now, I can impact millions of vehicles. I can impact your reputation. I can impact your I'm going to get you to pay me, to keep this quiet, said Jason Masker, director of solutions architecture at Upstream, in an interview on the sidelines of a cybersecurity conference in Dearborn, Michigan this week.The attacks have grown far beyond simply hacking into a vehicles controls, although thats still a threat.The report cites a discovery by Duke University researchers that radar used to adjust proper separation of vehicles when adaptive cruise control is in use can be attacked with potentially disastrous results.This type of attack can be used to fool adaptive cruise control systems that use radar, into thinking the car in front of it is speeding up, when it is not, resulting in a frontal collision, the report warned.Other types of cyberattacks cited included:The U.S. division of a Japanese automaker hit with ransomware attack resulting in data theft of 22GB of sensitive vehicle and customer information.Chinese tier-two supplier hit by a ransomware attack leading to a major breach of 1.2TB of data, impacting Chinese and global manufacturers.Italian branch of a German automaker experienced a data breach compromising customer personal identifiable information.Chart from Upstream report on breakdown of auto-related cybersecurity attacks in 2024. UpstreamAuto dealers were especially vulnerable to costly cyberattacks. In one incident cited by the report, a major ransomware attack against a major dealership management software provider affecting 15,000 dealerships, led to a three-week service outage, over $1 billion in economic damage and a $25 million ransom demand.The Anderson Economic Group-AEG, estimated that total direct losses to franchised auto dealers reached $1.02 billion, according to the report.AEGs figure includes lost earnings from the approximately 56,000 new unit sales the company estimated were lost during the three-week period, lost earnings on used car sales, lost earnings on parts and service, additional staffing and IT service costs and additional floor plan interest costs on inventory.The breadth of effort by so-called black hat attackers continues to grow, including invading or disabling the computer systems that track commercial truck drivers legally-mandated service logs until a ransom is paid, basically shutting down operations.They're learning from every interaction, from every impact, noted Masker. If we didn't get paid out enough that time, maybe we'll go a little further next time.Its all evidence malicious cyberattackers have turned their attention from individual drivers to targets with much deeper pocketsnamely automakers and suppliers that would take huge financial hits should their computer systems be disabled for an extended time.If I'm talking about hundreds of millions or billions, even, of dollars a year, what's a month, right? If you're shut down for 30 days, yeah, that money's not coming in, noted Masker.Indeed, cyberattackers have changed their tactics from merely disabling a system to extract ransom payments.Traditional ransomware extortion tactics, where attackers encrypt critical data, shutdown the victim's operation, and extort them with the threat of releasing sensitive data (e.g., double extortion) have proven less effective for attackersdata encryption is resource-intensive and many organizations can restore their data from backups, the report noted.The sharp increase in cyberattacks has revealed what the report terms a widening gap between regulations designed to minimize such attacks and companies efforts to stay ahead of attackers, due to a false sense of security.The report urges automakers and mobility stakeholders to go beyond regulations to address the threats causing serious implications for safety, operational availability and data privacy.Upstream takes a multi-level approach to defending against cyberattacks. Most notably, it monitors activities in more than 25 million vehicles, ingesting what Masker describes as dozens of billions of transactions, giving its clients fair warning about possible attacks.The company also employs individuals to join and lurk on certain websites where they might catch discussions planning attacks.There's all kinds of auto enthusiasts out there, said Masker. Sometimes they're just trying to make their cars go fast. Wouldn't hurt anyone. Theyre working on their own car, but they discover something that somebody goes, ah, I can take this and apply it and do something kind of malicious. So we have people in those forums.Upstream CEO Yoav Levy expects artificial intelligence to play a much greater role in helping to detect such attacks, predicting in the report, an acceleration in AI adoption, integrating it across detection, investigation, and mitigation processes.Experts quoted in the report all expect the incidences of cyberattacks against the auto industry to increase this year affecting everything from connected electric vehicle battery charging networks to manufacturing operations.The motivation for the attacks remains simple, according to Masker.Its all about the payday.