Cybersecurity in Car Manufacturing: Why OT Environments Are Under Attack
Contributor: Ryan Cooke, Chief Information Security Officer, IDS-INDATA
In recent years, the automotive industry has become a prime target for cyberattacks—especially as operational technology (OT) systems grow more connected and complex. Modern car manufacturers now rely on highly integrated production lines and a global supply chain model, which, while efficient, also opens the door to a range of cybersecurity threats.
Why Car Manufacturers Are at Risk
With digital transformation sweeping through the automotive sector, cybercriminals are finding new ways to exploit vulnerabilities in both IT and OT environments. At IDS-INDATA, we’ve identified five key areas where manufacturers face heightened cybersecurity risks:
- Highly Integrated Production Lines
Today’s production environments are deeply reliant on PLCs, SCADA systems, robot arms, and other automated machinery. This tight integration increases operational efficiency—but also means that a single breach can bring entire production lines to a halt. - Supply Chain Complexity
Automotive manufacturers operate on global, just-in-time supply chains. If a supplier is compromised, it can cause cascading delays across the network—potentially costing millions. Attackers are increasingly using this supply chain exposure as a vector for infiltration. - Remote Access Requirements
VPNs and third-party support tools are essential for operations and maintenance—but they can also be weak points. Misconfigured remote access solutions or lack of multi-factor authentication (MFA) can provide an open door to attackers. - Convergence of OT and IT
As OT and IT environments become more connected, attackers can exploit security gaps that emerge between the two domains. Without careful segmentation and governance, these environments can be used as bridges to move laterally through networks. - A Lucrative Industry for IP Theft
The automotive sector is driven by innovation, making it a prime target for intellectual property theft. Advanced designs, manufacturing processes, and proprietary software can all be stolen and sold to competitors or bad actors.
Real-World Impacts: Lessons from Honda and Nissan
These risks are not theoretical—they’ve played out in real-world attacks with serious consequences.
Honda (2020)
Honda suffered a targeted OT attack using the EKANS ransomware. The attackers exploited known vulnerabilities to breach the environment, causing widespread shutdowns of production facilities. The incident demonstrated how attackers are no longer just targeting IT systems—they’re going straight for the factory floor.
Nissan (2023)
In a separate incident, Nissan experienced a major breach through an exposed VPN. Sensitive data—including over 53,000 employee records—was compromised, and critical systems were forced offline. The attack revealed how poor access controls and unprotected data repositories can have wide-reaching consequences.
Defending Against Cyber Risk in Automotive Manufacturing
As attackers become more sophisticated and the OT threat landscape evolves, car manufacturers must reassess their approach to cybersecurity.
At IDS INDATA, we help manufacturers secure both IT and OT environments with solutions that prioritise visibility, segmentation, and resilience. From managed network services to security posture assessments and change control, we work with manufacturers to reduce their attack surface—without compromising uptime or innovation.
Let’s talk about how we can help you build a more secure, future-ready manufacturing environment.
