The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN.
In the bulletin disseminated this week to a select group of private companies, the FBI warned of efforts by hackers to successfully compromise auto industry computer systems using sophisticated techniques and by taking advantage of network vulnerabilities.
The cyber attacks “have resulted in ransomware infections, data breaches leading to the exfiltration of personally identifiable information, and unauthorized access to enterprise networks,” the FBI said.
“The automotive industry likely will face a wide range of cyber threats and malicious activity in the near future as the vast amount of data collected by Internet-connected vehicles and autonomous vehicles become a highly valued target for nation-state and financially motivated actors,” the FBI added.
The FBI did not identify which specific cyber actors have targeted the US automotive industry, or whether any are state-supported.
The report lists a number of examples of the ways in which hackers have successfully compromised US automotive companies, including the employment of so-called “brute force” attacks to access computer networks.
In other instances, hackers resorted to “phishing” attacks, which included sending emails to unsuspecting victims containing malicious attachments. Once the attachments were opened by employees, embedded computer code allowed hackers to access and move throughout computer networks and exfiltrate sensitive data.
Unidentified cyber actors were able to obtain access to employee email accounts at multiple companies in the automotive industry, the FBI said. Once inside networks, hackers created mailbox rules to automatically forward sensitive company messages to external email addresses not associated with the targeted companies. In addition to the theft of sensitive information, intruders were able to conduct fraudulent wire transfers.
The bureau also warned that several automotive companies fell victim to ransomware attacks resulting in the loss of access to company data, and disruptions to company networks that impacted daily operations. In one instance, a victim company paid the ransom, however, the attackers failed to then provide the company with access to its stolen information.
An FBI spokesperson would not comment on details in the report, but noted that “in furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations.”