Cyber insurance for commercial auto option amid rise in auto ransomware attacks

According to the 2026 Global Automotive and Smart Mobility Cybersecurity Report, the expansion of APIs and AI-powered technologies has also brought the escalation of cybersecurity risk across automotive and smart mobility.

The report reveals that AI architectures have introduced new entry points of system exposure and new complexities to vehicle systems. Back-end servers and APIs have become primary weak points, and this increase in connectivity between vehicles, cloud platforms and apps introduce a higher risk of cyber attacks. Backend servers account for 67% of all cyber incidents in 2025.

The study comes from Upstream, an automotive cybersecurity and data management company, and is based on an analysis of 494 new cyber incidents from 2025, as well as from publicly documented cases dating back to 2010, and the monitoring of hundreds of web forums with thousands of active threat actors. Incidents analyzed in this report come from channels such as media outlets, academic research, government law enforcement agencies and other publicly available online sources. 

"The automotive industry is an early adopter of physical AI, and as AI capabilities rapidly expand across markets, it now serves as the reference architecture for safety-critical, highly connected systems," said Yoav Levy, co-founder and CEO of Upstream. "However, AI is also enabling attackers to move faster, at greater scale, and with more automation while the industry is still relying on security models built for a far more static world. Our 2026 report shows that AI significantly expands the cybersecurity attack surface, as traditional perimeter defenses no longer suffice when AI systems adapt dynamically and directly influence physical outcomes."

Most, 92%, of auto cyber attacks were conducted remotely, and the report notes that of these attacks, 86% required no physical proximity to vehicles and systems.

Upstream's research also finds that financially motivated and coordinated attack groups are increasingly targeting vehicles with ransomware attacks that can result in operational losses in the billions of dollars. While 86% involved data and privacy breaches, 34% of these events were focused on business and operational disruption. More than half, 61%, of incidents had the potential to impact thousands to millions of mobility assets, and 20% are described as "massive-scale events" by Upstream. 

To address the increasing frequency of cyberattacks targeting commercial auto operations, Hartford Steam Boiler (HSB) recently launched an offering of cyber coverage for internet-connected commercial vehicles designed for small and medium-sized businesses to financially recover from lost business income as a result of auto-related cyberattacks.

The commercial cyber coverage for auto can cover transportation costs during loss of vehicle use, and provides cybersecurity services with online resources to help stop cyber attacks. This also includes the cost to improve or upgrade hardware and software for further prevention of cyber attacks.

"Cyberattacks on commercial vehicles are a real and growing threat," said Eric Hendricksen, commercial cyber practice lead for HSB, in the press release. "With millions of connected commercial cars and trucks on the road, cybercriminals could hack into apps and automobile connections. Business owners need to get ahead of this emerging risk to data security, operations and vehicle safety."

The commercial vehicle coverage includes malware attack damage to vehicle systems, devices and data, and also provides protection for cyber extortion demands for money to ransom content or vehicle access. Coverage will also help victims of business income loss as a result of an auto cyberattack of extortion.