Cyber threats of global auto industry abound: Study

A top cyber security firm says it has identified a startling number of threats targeting OEMs, Tier 1 and Tier 2 companies working in the global automotive industry.

IntSights Cyber Intelligence revealed its Automotive Cyber Security Benchmarking Report this week. The study details the more than six months IntSights spent anonymously searching the Dark Web to find intelligence on 101 leading automotive firms.

For security experts, the results are hardly surprising: more than 18,000 fake or phishing domains explicitly targeting the top 100 global automotive manufacturers and OEMs.

The company also found approximately 2,200 leaked email correspondences associated with these same companies circulating on the Deep and Dark Web.

IntSights said it is the first entry in a benchmarking report series that will research and identify the threats facing a variety of the world’s largest industries.

The threats in automotive also included over 73,000 leaked credentials, 170 employees on target lists for hacking purposes and 230 internal login pages.

It also discovered message board posts instructing aspiring criminals on how to steal cars by triangulating car key VIN numbers and keys, and how to hack software in order to unlock a car.

“IntSights’ benchmarking reports will offer business and industry leaders a view into the threats that their organizations face due to criminal activity on the dark web,” said Guy Nizan, IntSights CEO and co-founder. “With this data, enterprise security teams can better define their threat research and remediation strategies to ensure the strongest possible posture against external attacks.”