News, news analysis, and commentary on the latest trends in cybersecurity technology.

Automakers Need to Lock Their Doors Against Ransomware

Issues with patch management and other security practices leave auto manufacturers open to attacks.

Dark Reading Staff, Dark Reading

February 23, 2022

1 Min Read
Heat map that grades automakers on ransomware preparedness in various security areas; each area adds up to 100 companies
Source: Black Kite

Nearly half of the top 100 automobile manufacturers are "highly susceptible" to ransomware, according to a recent report by Black Kite.

"The Ransomware Risk: Automotive Manufacturing in 2021" report grades the performance of the top 100 auto manufacturers (and their top 100 suppliers) on various aspects of security preparedness. The group earned an overall C+ rating, indicating they were not very well prepared to fend off ransomware. The above heat map shows where the holes are.

As you might expect from a consumer-focused industry, automakers rated well for the security of their social network presence (92 As, 6 Bs, 1 C, and 1 D), brand monitoring (90 As, 10 Bs), and hacktivist shares (90 As, 9 Bs, 1 C). In addition, the sector overall did quite well in monitoring their attack surface (80 As, 20 Bs) and addressing fraudulent apps (80 As, 8 Bs, 10 Cs, 2 Ds). The companies also were well prepared for distributed denial-of-service attacks (35 As, 57 Bs, 8 Cs), and they generally kept their DNS health tuned up (51 As, 40 Bs, 8 Cs, 1 F).

Under the hood, however, four vital areas saw more than half of the companies earning Ds or Fs: content-delivery network security (53 Ds, 18 Fs), SSL/TLS strength (56 Ds, 14 Fs), application security (16 Ds, 49 Fs), and of course that pervasive vexation, patch management (6 Ds, 60 Fs). By now the vital importance of patching software has been thoroughly established, so hopefully next year's numbers will be better.

View the full automotive sector report from Black Kite.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights