Connected vehicles face 300,000 cyber attacks per month

by | Jan 8, 2019 | 0 comments

A leading automotive cybersecurity firm says autonomous and connected vehicles are incredibly vulnerable to cyber attacks, with ECUs being exposed to internet connectivity being subjected to as many as 300,000 attacks per month.

Karamba Security, a world-leading provider of end-to-end automotive cybersecurity prevention solutions, unveiled vulnerability data in the autonomous and connected vehicle industry. Karamba Security has been attracting internet attacks on automotive electronic control units (ECUs) through its latest solution Karamba ThreatHive. In the last three months alone, Karamba ThreatHive analysis concluded that each of the ECUs that Karamba had exposed to internet connectivity was subjected to as many as 300,000 attacks per month.

“The fact that each connected ECU gets attacked about 300,000 times every month illustrates just how creative and persistent hackers have become,” said Ami Dotan, Karamba Security’s co-founder and CEO. “As autonomous and connected vehicles become software driven, risks increase that hackers will find ways to take control of the vehicle by compromising ECUs and infiltrating cars to change their speed and direction. The automotive industry needs to take preventative measures and leverage technologies like ThreatHive that expose vulnerabilities for OEMs and tier 1s to address during the production stage, before the hackers identify and exploit such vulnerabilities in the car itself.”

Karamba ThreatHive harnesses real-world hacking attempts to expose and pinpoint ECU vulnerabilities to be fixed before such vulnerabilities are exploited in real cars. A global system of data-generating “honeypots” runs continuously, collecting threat data to identify vehicle security gaps. According to the data, each of the automotive ECUs exposed by ThreatHive to the internet was attacked on average 300,000 times per month by 3,500 different hackers. Attackers come in different forms and are often bots searching for any ECU vulnerabilities they can expose to gain control of the connected system.

With ThreatHive, OEMs and tier 1s receive actionable security data to fix security bugs and logical errors before hackers actually exploit those vulnerabilities in real cars. The data enables them to close security gaps long time before hackers try to infiltrate the vehicle.

Data also uncovered that over 11 different types of attacks were attempted since Karamba ThreatHive’s inception. Each simulated ECU was targeted by a different mode of attack, aiming to exploit different services in the ECU. Examples include attacks to the Telnet port – similar to the services targeted on the VW Golf white hat attack in April 2018 – to SSH (Subaru 2018) and to HTTP (Tesla 2017). Attacks were prevalent across geographies and service providers.

More information is available at


Submit a Comment

Your email address will not be published. Required fields are marked *