News, news analysis, and commentary on the latest trends in cybersecurity technology.
Automakers Need to Lock Their Doors Against Ransomware
Issues with patch management and other security practices leave auto manufacturers open to attacks.
Nearly half of the top 100 automobile manufacturers are "highly susceptible" to ransomware, according to a recent report by Black Kite.
"The Ransomware Risk: Automotive Manufacturing in 2021" report grades the performance of the top 100 auto manufacturers (and their top 100 suppliers) on various aspects of security preparedness. The group earned an overall C+ rating, indicating they were not very well prepared to fend off ransomware. The above heat map shows where the holes are.
As you might expect from a consumer-focused industry, automakers rated well for the security of their social network presence (92 As, 6 Bs, 1 C, and 1 D), brand monitoring (90 As, 10 Bs), and hacktivist shares (90 As, 9 Bs, 1 C). In addition, the sector overall did quite well in monitoring their attack surface (80 As, 20 Bs) and addressing fraudulent apps (80 As, 8 Bs, 10 Cs, 2 Ds). The companies also were well prepared for distributed denial-of-service attacks (35 As, 57 Bs, 8 Cs), and they generally kept their DNS health tuned up (51 As, 40 Bs, 8 Cs, 1 F).
Under the hood, however, four vital areas saw more than half of the companies earning Ds or Fs: content-delivery network security (53 Ds, 18 Fs), SSL/TLS strength (56 Ds, 14 Fs), application security (16 Ds, 49 Fs), and of course that pervasive vexation, patch management (6 Ds, 60 Fs). By now the vital importance of patching software has been thoroughly established, so hopefully next year's numbers will be better.
View the full automotive sector report from Black Kite.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024