VicOne Releases "2026 Automotive Cybersecurity Report," Signaling the Automotive Industry's Entry into an "Overlap Era" of Traditional Vehicles and SDVs

Tokyo, Japan – VicOne, a leading company in automotive cybersecurity and a subsidiary of Trend Micro Incorporated (Tokyo, Japan; CEO Eva Chen), has announced the release of its "VicOne 2026 Automotive Cybersecurity Report," which sheds light on the current state of automotive cybersecurity.

The report reveals that the automotive industry is entering a new phase defined as the "Overlap Era." While traditional vehicle platforms still dominate, the rapid advancement of Software-Defined Vehicles (SDVs), increased connectivity, and the integration of AI are leading to a transitional period where new and old technologies coexist within the same vehicle ecosystem. This era presents overlapping risk areas, necessitating a comprehensive cybersecurity approach that extends beyond technical solutions to encompass governance and decision-making processes.

■ Key Highlights from the Report

• Total number of automotive cybersecurity incidents reported in 2025: 610 (approximately 2.8 times the previous year)
• Total number of automotive-related vulnerabilities disclosed in 2025: 1,384 (approximately 1.5 times the previous year)
• The attack surface has shifted from enterprise IT systems (37.7%) to in-vehicle systems (39.7%), with those closer to the driver becoming primary targets.
• Japan saw a dramatic surge in incidents, increasing over eightfold from 5 to 41, accounting for approximately half of all incidents in Asia.
• While 89% of automotive-related vulnerabilities are publicly disclosed in the CVE database, the remaining 11%, including zero-days, remain outside of governance management.

The report can be downloaded from: https://vicone.com/jp/reports/2026-automotive-cybersecurity-report

■ Overview of Automotive Cyber Threats Based on 2025 Data

Attacks Expanding to OEMs and Vehicle Bodies – 610 Incidents, a 2.8-fold Increase Year-over-Year

In 2025, the automotive industry reported 610 cybersecurity incidents, a significant increase of approximately 2.8 times compared to the previous year's 215 incidents. In addition to attacks previously targeting dealerships, attacks directly targeting OEMs have also risen. The number of vulnerabilities discovered in 2025 grew to 1,384, about 1.5 times that of the previous year. In 2025, vulnerabilities affecting two Japanese OEMs were successively revealed, allowing vehicle tracking and remote control through backend and communication systems. As connectivity advances, risks directly impacting vehicle safety and privacy are becoming a reality.

FAQ

What is the "Overlap Era" in the automotive industry?

The "Overlap Era" refers to the current transitional phase in the automotive industry where traditional vehicle platforms coexist with the rapid advancement and adoption of Software-Defined Vehicles (SDVs), increased connectivity, and AI integration.

How significantly did automotive cybersecurity incidents increase in 2025?

Automotive cybersecurity incidents surged by approximately 2.8 times in 2025, with 610 incidents reported compared to 215 in the previous year.

Where is the primary attack surface shifting in the automotive sector?

The attack surface has shifted from enterprise IT systems (37.7%) to in-vehicle systems (39.7%), indicating that threats are increasingly targeting components directly related to the vehicle's operation and the driver's experience.

What is the situation regarding vulnerabilities in Japan?

Japan experienced a significant increase in cybersecurity incidents, rising over eightfold from 5 to 41 cases in 2025, accounting for nearly half of all incidents reported in Asia.

Are all automotive vulnerabilities publicly known?

No, while 89% of reported vulnerabilities are publicly disclosed (e.g., in the CVE database), the remaining 11%, which can include zero-day vulnerabilities, remain outside of public disclosure and standard governance management.

Back to Newsroom (12)