AN: Ransomware attacks could crimp industry’s recovery from pandemic, report says

Almost half of 100 automotive manufacturers and more than 17 percent of suppliers are at high risk for a ransomware attack, according to cybersecurity ratings provider Black Kite.

Automakers are ramping up digitization but lack cybersecurity. That’s music to the ears of cyberattackers.

Almost half of 100 automotive manufacturers and more than 17 percent of automotive suppliers surveyed by cybersecurity ratings provider Black Kite are at high risk for a ransomware attack. That’s the latest from the provider’s new report on the topic.

If left unchecked, cyberattackers can infiltrate unsecured corporate IT systems and install malware, restricting companies’ access to crucial data and holding it for ransom. Black Kite says more attacks could exacerbate current industry headwinds, such as parts shortages and production stoppages.

“If that happened and it took [an automaker] offline, and they had to make the decision — ‘Well, do we pay a $5 million ransom to get our systems back, or do we have the procedures in place to be able to restore our systems?’ — it becomes a very complicated business decision that no CEO really wants to face,” said Bob Maley, Black Kite’s chief security officer.

An estimated 71 percent of automotive chief information officers indicated they will ramp up cybersecurity and information security investments in 2021, according to the report.

Notably, Black Kite found several automakers do poorly when it comes to patch management, or sending out and applying updates to the software. The report indicated 71 percent of the automotive companies it surveyed have an “F” rating in that area.

“[Bad actors] will look for older servers, and then they’ll explore to see, ‘Are there vulnerabilities there?'” Maley said.

Full Article: https://www.autonews.com/automakers-suppliers/ransomware-attacks-could-crimp-industrys-recovery-pandemic-report-says