4 Cybersecurity Risks for Automotive Manufacturers

PB 25 Rockwell newlogo 400

August 18, 2022

By Joe Agee, Leader, Global Network & Security Services, Rockwell Automation

Several high-profile cyber attacks in recent years have put a spotlight on growing levels of cybersecurity risk in the automotive sector. The industry needs to quickly increase awareness of the current attack surface, which is often through the installed base of network assets, including machines and devices on plant floors.

The Risks

Successful attacks create not only financial risks in terms of ransomware shutdowns, data loss and expensive recovery processes, but also can create physical safety risks on automotive plant floors, lengthy supply chain disruptions – even litigation.

Fortunately, there are steps every automotive manufacturer can take to close common cybersecurity gaps. And it’s much more cost efficient to strengthen cyber resiliency up front than to allow high priority, curable gaps to remain unresolved.

This article outlines some frequently seen installed base vulnerabilities targeted by today’s threat actors.

OT/ICS Network and Asset Security

Over the last decade, automotive manufacturers opened up communications protocols and enabled plant floor data collection with an IoT ecosystem of sensors and actuators. Data sharing from OT to IT has greatly facilitated plant floor efficiencies and cost reductions through detailed analysis of this data within enterprise systems.

The explosion of data-driven insights from increased connectivity across the OT/IT boundary, however, has increased risk with the rise of sophisticated threat actors. Effective cybersecurity starts with knowing exactly what’s on networks to enable proactive securing of what’s legitimate, while removing and blocking what isn’t.  

Without proper security, threat actors can potentially breach the system with the potential of locking up controllers for ransom, controlling the physical actions of machines, altering recipe data, and even creating worker safety hazards.

Automotive manufacturers require a current and up-to-date understanding of all install base assets with visibility to known or unknown vulnerabilities, and a thorough risk assessment methodology within their OT environments to understand and mitigate the security vulnerabilities associated with increased data flow across the OT/IT boundary. This risk assessment can flag poor hygiene practices such as a lack of incident detection capabilities in IDMZ’s, communication protocol risks (e.g. Modbus, PROFINET), or unsecured (or unauthorized) IoT devices.

Poor Patch Management

Weak patch management of the installed base is hugely problematic⁠— 71 percent of automotive companies score poorly on patch management. From industrial plant floor PCs to PLCs, devices running outdated versions of operating systems or software are highly susceptible to cyber attacks. Patches often address critical security vulnerabilities in software, and not applying them on time carries high cybersecurity risk by making it relatively trivial for malicious actors to exploit outdated versions with known security flaws.

While poor patch management poses automotive cybersecurity risks, it’s also understandable in the context of production-critical plant floor devices. In the IT world, it’s straightforward to establish a patching routine for servers and workstations resulting in minimal business disruption.

On plant floors, patching means the potential for downtime on production machines that keep things ticking, and those responsible for OT environments are understandably adverse to any level of downtime. The statistics show that just one minute of halted plant floor production costs can cost automotive manufacturers $22,000. Risk increases when production environments operate with physical servers and have not yet been migrated to virtual compute infrastructures with 24×7 monitoring and administration of OT data centers.

Addressing OT patch management calls for a structured strategy with a minimal production disruption footprint. An asset inventory is critical in this process to provide an overview of every plant floor device, the software versions running on them, and their unpatched vulnerabilities. Also useful is a cybersecurity advisor who’s experienced in production operations to avoid common pitfalls and to quickly reach the right balance between effective security and production uptime.

OT Security Knowledge Gaps

OT security knowledge gaps are another source of vulnerabilities – because you can’t protect what you don’t know about.

For example, startups in the electric vehicle space may cover all the bases for IT cybersecurity to an extremely high degree, yet neglect OT vulnerabilities. Viruses, worms, and vulnerabilities at the automation level may propagate through the network and pose threats to physical equipment. The most infamous example is Stuxnet, which targeted PLCs via Windows exploits.

Increasing OT security starts with tested and validated reference architectures such as Converged Plantwide Ethernet (CPwE). CPwE provides a solid foundation for securing automotive plants. Assistance from experts in such architectures can help smartly deploy firewalls and establish industrial IDMZs to bolster plant floor security.

Additionally, adopting cybersecurity solutions aligned with the five pillars of the NIST framework (Identify, Protect, Detect, Respond, Recover) can greatly mature both IT and OT cybersecurity.

Credential Compromise

Despite the complexity of modern cybersecurity solutions and the sophisticated tactics used by malicious actors, many attacks initially exploit shockingly simple vulnerabilities. The most high-profile example recently was the 2021 Colonial Pipeline hack, in which intruders used a password stolen from a previous dark web data leak to access a VPN account and gain network access.

In an automotive installed base context, credential compromises could result in malicious parties accessing plant floor computers and devices with default or weak username-password pairs. Shared passwords and remote access, more common in our Covid-19 era, can introduce compromises where attackers gain control of machines and/or confidential data.

Zero Trust, an approach that hardens cybersecurity by removing excess or assumed trust from prioritized data, assets, application, and services (DAAS), emphasizes strong identity and access controls as a critical protection. Multi-factor authentication, regular password changes, least privileged access and other techniques can be used to grant access to authorized users, for authorized reasons, and at authorized times only.

Getting Started

At Rockwell Automation, we have a complete range of OT cybersecurity solutions that protect your networks, installed base and ultimately your operations against common cybersecurity vulnerabilities. These solutions include risk assessments and asset inventory services that help you understand vulnerabilities and build the right plan for greater resilience.


Related Articles

Changing Scene

  • Converting Waves into Electricity with Automation Solutions by ifm

    Converting Waves into Electricity with Automation Solutions by ifm

    By developing wave energy converters, CorPower pursues the idea of converting waves into electricity. The challenge with wave energy is to design devices that are not only robust enough to survive the harshest ocean storms, but also capable of producing enough electricity compared to their size and cost. CorPower masters this difficulty with devices that are naturally transparent and protected in storms, and which produce about five times more energy per tonne of device than state-of-the-art solutions in the ocean. Read More…

  • ABB Completes Acquisition of Siemens Low Voltage NEMA Motor Business Q2

    ABB Completes Acquisition of Siemens Low Voltage NEMA Motor Business Q2

    ABB has recently announced it has completed its acquisition of the Siemens low voltage NEMA motor business. The transaction was originally announced August 11, 2022, and financial terms of the transaction were not disclosed. The business employs around 600 people and generated revenues of approximately $63 million in 2021. The acquisition of this business is part of the Motion business area’s profitable growth strategy. It strengthens ABB’s position as an industrial NEMA motor manufacturer, and it provides an even stronger platform from which ABB can better serve its global customers. Read More…

Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.

For a Multiplied Value Unified


During the last few years, the Excelpro Group has welcomed AIA Automation, Envitech Automation and Conrad Lavoie Electrical, all of which have become ‘Member of the Excelpro Group’.

It was with great excitement that in November of 2022, Excelpro announced that these three companies officially became Excelpro. This decision is part of a strategy to enhance the Excelpro Group’s brand in its market.

These companies already collaborate on various client projects. This merger brings together the complementary strengths of the employees and ensures a global synergy of the activities throughout the Group.

Read More

Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More

Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More

JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More

Latest Articles

  • Efficient Power Supplies – An Investment in the Future

    Efficient Power Supplies – An Investment in the Future

    In the search for a suitable power supply, the costs play a major role, alongside the technical requirements. The focus is often on the initial purchase price, while other potential costs that may be incurred during the operation of the power supply are not taken into consideration. In this blog post, we demonstrate why the decision to purchase a high-quality power supply is a profitable investment for your company, by taking a close look at all the costs involved. Read More…

  • Q&A with HELU: Oil & Gas Instrumentation Cables

    Q&A with HELU: Oil & Gas Instrumentation Cables

    Reliable data transmission is a must, even under the most extreme mechanical and environmental conditions such as those found in the oil and gas industry. Cables must be versatile to perform whether it is on a ship at sea or in a refining plant on land. Instrumentation cables are the backbone to keeping the industry’s sophisticated machines online and operating at peak performance. Regional Sales Manager Andrew Gill answers some of the questions he hears in the field regarding these low-voltage cables. Read More…