A car company might not have a high likelihood of a collision, but it can be vulnerable to theft or hacking, according to a new study.
The report, released by the U.S. National Highway Traffic Safety Administration (NHTSA), found that automakers’ auto-parts and auto-manufacturing suppliers were less likely to be protected from cyberattacks than consumers.
The report also found that auto-makers had less than two years of experience in managing their networks.
NHTSA did not find that automakers had the technology to safeguard their networks against ransomware.
Auto-parts manufacturers are also a major source of stolen vehicle parts, said Christopher Jones, senior analyst at the cybersecurity firm Arbor Networks.
The National Automobile Dealers Association, which represents the auto industry, did not immediately respond to requests for comment.
The industry is in the midst of a national security debate about cybersecurity.
Automakers are trying to address cyber vulnerabilities by creating security software, creating standards for their vehicles and training workers to better understand cybersecurity.NHTS said it conducted the report because it wanted to see how the auto and auto parts industries work together.
Automotive manufacturers and suppliers must share information about cybersecurity risks and help each other develop and deploy cyber defenses.
NDTSA said it is currently gathering information about auto-part theft from a variety of sources, including law enforcement, consumer reports, media reports and third-party sources.
Automaker liability insurance, insurance companies and government agencies also play a role in protecting automakers’ networks.
The survey found that of the companies’ 3,500 suppliers, only 1.3 percent reported that they had an overall cyber-security plan, which is considered the top layer of protection.
NHSI said it will soon release a report on how automakers protect their networks, including how many companies are participating.NDTSA is also launching a $1.5 billion national security initiative, called “Unlock,” to support the development and deployment of cyber-defense technologies.
The initiative is aimed at developing better cyber-response tools, developing and deploying more effective cyber defenses and securing automotive parts and equipment.