The U.S. Federal Bureau of Investigation has sent a notice to automotive manufacturers warning them that they’re being targeted by hackers.

First reported Wednesday by CNN, the notice warned that hackers were known to be attempting to compromise auto industry computer systems using sophisticated techniques.

Previous attacks “have resulted in ransomware infections, data breaches leading to the exfiltration of personally identifiable information, and unauthorized access to enterprise networks,” the FBI claims. “The automotive industry likely will face a wide range of cyber threats and malicious activity in the near future as the vast amount of data collected by internet-connected vehicles and autonomous vehicles become a highly valued target for nation-state and financially motivated actors.”

The FBI warning also detailed some of the methods used in attacks, listing brute-force and phishing attacks as the most common ways hackers target automotive companies. While not naming any companies, the bureau claims that unidentified hackers had successfully obtained access to email accounts at multiple companies in the industry where they forwarded sensitive emails, stole information and conducted fraudulent wire transfers.

In terms of ransomware, the FBI also didn’t name any companies that have been affected, but it is known that Honda Motor Co. Ltd. was targeted by the WannaCry ransomware in 2017. In that case, Honda was forced to shut down a manufacturing plant while WannaCry affected its networks across Japan, North America, Europe, China and other regions.

Javvad Malik, security awareness advocate at security awareness training firm KnowBe4 Inc., told SiliconANGLE that there are state-sponsored and other groups engaged in espionage against specific industries and the automotive industry is no exception.

Given that criminals were using methods such as phishing, Malik noted, “user awareness and training is an essential part of protecting organizations. A strong security culture can help protect against attacks through phishing and also no reduce the likelihood that employees will use weak passwords or reuse passwords across different services.”

With cars becoming more connected over time, there are also ongoing concerns about vehicles being hacked directly as well. The FBI previously warned automakers of the risk in March 2016 and the National Highway Traffic Safety Administration issued guidelines for preventing car hacking in October 2016.

Photo: Siyuwj/Wikimedia Commons