Surge in ransomware targeting automotive sector with 44% share of incidents in 2025
Summary
Hide ▲
Show ▼
Ransomware now represents 44% of all cyberattacks against global automotive manufacturers in 2025, more than doubling compared to previous years, driven by the sector’s rapid adoption of connected technologies, cloud services, and interconnected third-party supply chains. The industry’s low tolerance for operational downtime and reliance on privileged supplier access have elevated attack opportunities, with incidents spanning OEMs, suppliers, and connected vehicle platforms. High-profile impacts include a five-week production outage at Jaguar Land Rover (JLR) in 2024, costing approximately £108 million per week and generating £1.9 billion in macroeconomic losses. Attackers increasingly exploit expanded corporate attack surfaces including connected vehicle systems, OTA update mechanisms, and cloud environments, while targeting smaller suppliers with weaker security postures that often have privileged access to OEM networks.
Timeline
-
16.04.2026 11:35 1 articles · 5h ago
Ransomware surpasses all other cyber threats in automotive sector with 44% share of attacks in 2025
Ransomware attacks on global automotive manufacturers more than doubled in 2025, representing 44% of all reported incidents in the sector. Major automotive OEMs and suppliers face operational disruption risks due to interconnected systems including connected vehicle platforms, OTA update mechanisms, and cloud environments. The shift reflects cybercriminals targeting industries with low downtime tolerance and sprawling third-party networks, resulting in severe financial and macroeconomic consequences as demonstrated by high-profile incidents.
Show sources
- Automotive Ransomware Attacks Double in a Year — www.infosecurity-magazine.com — 16.04.2026 11:35
Information Snippets
-
Ransomware accounted for 44% of cyberattacks on global automotive manufacturers in 2025, more than doubling compared to prior years.
First reported: 16.04.2026 11:351 source, 1 articleShow sources
- Automotive Ransomware Attacks Double in a Year — www.infosecurity-magazine.com — 16.04.2026 11:35
-
Connected vehicle platforms, over-the-air (OTA) update systems, and cloud-based environments have significantly expanded the attack surface for automotive manufacturers.
First reported: 16.04.2026 11:351 source, 1 articleShow sources
- Automotive Ransomware Attacks Double in a Year — www.infosecurity-magazine.com — 16.04.2026 11:35
-
Jaguar Land Rover (JLR) experienced a ransomware-related production outage lasting five weeks in 2024, resulting in an estimated £108 million weekly loss in fixed costs and lost profit.
First reported: 16.04.2026 11:351 source, 1 articleShow sources
- Automotive Ransomware Attacks Double in a Year — www.infosecurity-magazine.com — 16.04.2026 11:35
-
The JLR ransomware incident caused £1.9 billion in total economic impact across the UK, disrupting supply chain partners that were forced to halt production lines.
First reported: 16.04.2026 11:351 source, 1 articleShow sources
- Automotive Ransomware Attacks Double in a Year — www.infosecurity-magazine.com — 16.04.2026 11:35
-
Smaller automotive suppliers with potentially weak security postures often retain privileged access to OEM IT systems, creating additional attack vectors.
First reported: 16.04.2026 11:351 source, 1 articleShow sources
- Automotive Ransomware Attacks Double in a Year — www.infosecurity-magazine.com — 16.04.2026 11:35