German Automotive Sector Cybercrime Threats Landscape Report

Yael Kishon, Threat Intelligence Analyst

The automotive sector is considered to be the largest sector in Germany, generating over 411 billion euro in revenue. Germany is the largest automobile manufacturing country in Europe, producing 30% of all passenger cars in the EU in 2021. Automotive companies, their employees and users have frequently become targets of cybercriminals aiming to perform various attacks. One of the recent examples is an info-stealing campaign that targeted customers of German companies, mainly car dealers, with phishing emails aimed to infect the victims with info-stealing malware.
Another recent cyberattack that occurred in March 2022, targeted a German subsidiary of Denso, a Japanese automotive supplier. The Pandora ransomware group announced that it compromised the network and shared screenshots of purchase orders, automotive technical diagrams, and emails on its blog. Moreover, the gang claimed to have stolen 1.4 TB of data from the company. Following the attack, Denso apologized for any inconvenience caused and confirmed that the German network was illegally accessed.
With more and more vehicles connected to the internet and using many digital functions, major automotive companies are exposing cars to additional malicious activities and increasing the risk of cyberattacks.
The recent cyber-attacks that have targeted the automotive industry in Germany drove KELA to investigate the level of exposure of the 15 largest German automotive manufacturers, suppliers, and dealers to shed light on cyber threats they faced from January 2021 to April 2022.