In 2022, there was a big spike in deep/dark web activity and incidents related to application programming interfaces (API), compared with the previous year, according to Upstream’s 2023 Global Automotive Cybersecurity Report. Some 63% of incidents reported last year were attributed to black-hat actors across a wide spectrum of attack vectors. Among the targets were telematics and application servers, remote keyless entry systems, ECUs, infotainment systems, mobile applications, EV charging infrastructure, and Bluetooth…

The good news is that OEMs are taking this challenge seriously. For example, GM’s cybersecurity organization implemented a three-pillar approach based on industry and government best practices to deploy defense-in-depth, monitoring and detection, and incident response to protect GM and its customers. The company also is actively involved in industry-side efforts such as Auto ISAC, the Cyber Readiness Institute, and the Cyber Auto Challenge.