A recent report from Upstream Security found that 60 per cent of cybersecurity incidents in 2024, within automotive and smart mobility sectors, impacted thousands to millions of mobility assets — including vehicles, electric vehicle charging stations, smart mobility apps, and connected devices.
The company is a provider of a cloud-based cybersecurity and data management platform built for automotive, smart mobility, and the IoT ecosystem. Its 2025 Automotive & Smart Mobility Cybersecurity Report highlights that current regulatory requirements are insufficient in addressing what they described as “expanding cyber risks.”
“The cybersecurity landscape across the automotive and smart mobility ecosystem is poised to become more complex than ever,” said Yoav Levy, CEO and Co-Founder of Upstream, in a statement. “Cyber threats are evolving faster than the industry is prepared to handle, outpacing regulation-driven measures.”
Levy said threat actors have already evolved to large-scale, sophisticated, and AI-powered attack methods that target both vehicles and interconnected systems (examples include EV charging infrastructure, API-driven apps, and smart mobility IoT devices). “This growing attack surface demands a transformative and proactive approach to cybersecurity,” he said.
The company said 65 per cent of publicly reported cyber incidents came from black hat actors with “malicious intent,” while 92% of attacks were done remotely. One of the most impactful incidents last year was a ransomware attack on a U.S.-based software provider. The software was used by 15,000 automotive dealerships and the attack halted operations for nearly three weeks. Upstream Security said estimated losses reached $1.02 billion.
Upstream Security said there were 409 new incidents in 2024 — up from 295 in 2023. Data- and privacy-related incidents were also up, accounting for 60 per cent of 2024 incidents which is a rise of 20 per cent from 2023. Furthermore, incidents involving car system manipulation and control of vehicle systems represented more than 35 per cent of cyber incidents in 2024.
The report can be downloaded here.
