By NHI Mgmt Group Editorial TeamDomain: Cyber SecuritySource: Upstream SecurityPublished October 1, 2025

TL;DR: Automotive cyber losses reached an estimated $22.5 billion in 2024, with data leakage accounting for $20 billion and Verizon reporting ransomware in 44% of manufacturing breaches, according to Upstream Security and Verizon DBIR. APIs, OAuth tokens, and third-party integrations are turning connected vehicle ecosystems into lateral-movement pathways that traditional perimeter models do not contain.


At a glance

What this is: The article argues that automotive cyber risk has crossed into billion-dollar territory as APIs, AI service platforms, and supply-chain dependencies expand the attack surface.

Why it matters: IAM, PAM, and NHI teams need to treat third-party access, OAuth tokens, and service integrations as high-value control points because compromise in one perimeter can cascade across the rest of the automotive ecosystem.

By the numbers:

  • Cyber attacks cost the auto industry an estimated $22.5 billion in 2024, up from just $1 billion in 2022.
  • Verizon’s 2025 Data Breach Investigations Report shows that breaches in manufacturing nearly doubled year over year, with ransomware present in 44% of cases and third-party involvement doubling to 30%.
  • The majority of those auto-industry losses stemmed from data leakage, which accounted for $20 billion of the total.

👉 Read Upstream Security's analysis of automotive cyber risk, APIs, and AI service exposure


Context

Automotive cybersecurity now sits at the intersection of IT, operational technology, dealer ecosystems, and connected vehicle services. The primary governance problem is no longer only preventing intrusion into a single enterprise network. It is constraining access across multiple perimeters where APIs, tokens, and third-party integrations can move trust from customer-facing systems into backend operations.

That matters to identity programmes because many of the exposed paths described in the article are identity problems as much as they are platform problems. OAuth tokens, service integrations, and third-party platform access all behave like non-human identities when they are not tightly governed, and their misuse can create fast lateral movement across systems that were never meant to share trust.


Key questions

Q: What breaks when third-party OAuth access is not tightly governed in connected ecosystems?

A: When third-party OAuth access is loosely governed, a stolen token can act as the service itself and reach backend systems without re-authentication. That breaks containment because compromise in one customer-facing platform can spill into CRM, identity, diagnostics, or operational workflows. The failure is not just data exposure. It is the collapse of trust boundaries between delegated access and core systems.

Q: Why do APIs and AI service integrations increase lateral movement risk?

A: APIs and AI service integrations increase lateral movement risk because they create reusable trust paths between systems that were never meant to share the same privilege model. If credentials or delegated permissions are broad, an attacker can move from a low-value integration into higher-value services. The risk rises when identity scope is implicit rather than explicitly bounded.

Q: How do you know if third-party support access is operating outside its intended boundary?

A: Look for mismatches between the scope of the support case and the systems the platform can touch, plus long-lived access paths with no clear expiry. Unexpected internal reach, weak attachment handling, missing log correlation, and delayed review are strong signals that the boundary has already expanded beyond what governance intended.

Q: Which frameworks should teams use to govern delegated API and service access?

A: Teams should align delegated API and service access with NIST CSF, NIST SP 800-53, and OWASP NHI where non-human identities are involved. For connected platforms, the practical focus is access scope, lifecycle management, and continuous monitoring. The goal is to make every token and service identity accountable, revocable, and measurable.


Technical breakdown

Why automotive APIs create cross-perimeter trust chains

APIs in automotive environments connect enterprise IT, vehicle services, dealer tools, supplier systems, and AI-enabled customer platforms. That connectivity is useful, but it also creates trust chains where one compromised integration can authenticate into another domain without a human ever logging in. The security issue is less about the API protocol itself and more about how identity, session scope, and authorization persist across multiple systems. If tokens, service credentials, or delegated permissions are overbroad, attackers can pivot from a low-value interface into higher-value operational systems.

Practical implication: Practitioners need to inventory every API trust relationship and bind it to explicit identity and privilege scope.

How OAuth token compromise turns AI services into access brokers

OAuth tokens are delegated credentials, which means they inherit trust from the original authorization grant. In AI-powered customer engagement platforms, those tokens often connect the service to CRM records, workflow systems, and support data. If an attacker steals a valid token, they do not need to defeat the front-door authentication layer again. They can use the delegated access as the service itself, often until revocation or expiry. In environments with weak token lifecycle control, the AI service becomes an access broker rather than just an application.

Practical implication: Security teams should treat delegated tokens as governed identities with lifecycle, scope, and revocation requirements.

Why supply-chain adjacency expands the blast radius of one breach

Automotive ecosystems are densely coupled, so compromise rarely stays confined to one tenant or one application. A supplier integration, dealership portal, or AI engagement service can each become a stepping stone into adjacent systems because shared data flows and shared identities create implicit trust. That makes the blast radius dependent on privilege design, segmentation, and monitoring fidelity rather than on the initial attack vector alone. When the ecosystem has weak identity boundaries, attackers can move from customer data theft to operational disruption without needing a separate exploit chain.

Practical implication: Teams should segment third-party access by function and revoke broad shared credentials in favour of scoped trust.


Threat narrative

Attacker objective: The attacker wanted to use delegated API access to steal customer data and preserve a path into adjacent enterprise systems.

  1. Entry began with compromise of a third-party AI-powered customer engagement platform and theft of OAuth tokens that authenticated API connections.
  2. Escalation followed as the stolen delegated access was used to query backend systems at scale without re-authentication.
  3. Impact included exfiltration of customer records and a broader trust break that could support phishing, fraud, and further lateral movement.

NHI Mgmt Group analysis

API trust chains are now an identity governance problem, not just an application security problem. The article shows that automotive APIs are no longer simple data pipes. They are delegated trust relationships that can move from consumer-facing services into backend systems, which makes identity scope, token lifecycle, and access revocation central governance concerns. For IAM and NHI programmes, the practical conclusion is that API access must be governed as identity, not treated as a peripheral integration detail.

Automotive organisations are facing a blast-radius problem created by over-connected third parties. The real failure mode is not merely exposure of one platform, but the absence of strict trust boundaries between dealers, suppliers, AI services, and enterprise systems. That pattern aligns with the broader governance gap seen in large ecosystem breaches: shared access without lifecycle controls. Practitioners should treat third-party integrations as bounded identities with measurable privilege, not as assumed-trusted extensions of the core environment.

AI-enabled customer platforms are becoming shadow NHI environments when their tokens and service accounts are left ungoverned. Once an AI service can authenticate downstream systems, it functions like a non-human identity with delegated authority and persistent reach. That creates a governance debt problem because security teams often manage the application while ignoring the identities it uses. The practitioner takeaway is clear: the identity of the service must be inventoried, reviewed, and constrained with the same discipline used for privileged human accounts.

Automotive cyber resilience now depends on correlating identity signals across operational and business systems. The article’s core point is that production outages, data theft, and ecosystem disruption are converging into a single risk surface. That convergence means identity telemetry from OAuth grants, API authentication, supplier access, and AI service integrations has to feed a shared control model. Without that, the organisation sees symptoms too late to contain the blast radius.

What this signals

Third-party OAuth visibility is the control signal most automotive programmes are missing. The article’s risk pattern is not confined to the sector, which means connected-mobility teams should expect similar trust-chain failures wherever AI services, dealers, suppliers, and customer platforms exchange delegated access. The governance question is whether the organisation can see which non-human identities are acting on its behalf before those identities become the attacker’s entry point.

Automotive resilience will increasingly depend on whether identity telemetry can be correlated across business and operational systems. When a customer platform, supplier portal, or service token crosses a boundary, the security model has to see the entire path, not just the point of compromise. For teams building that capability, The 52 NHI breaches Report remains a useful reference point for the recurring failure modes that make delegated access so dangerous.


For practitioners

  • Map API trust chains to named identities Inventory every API, OAuth grant, service account, and delegated token that crosses enterprise, vehicle, dealer, supplier, or AI service boundaries. Tie each one to an owner, purpose, expiry, and explicit privilege scope so that trust can be revoked or reduced when the relationship changes.
  • Tighten lifecycle control for delegated access Apply rotation, expiry, and revocation requirements to OAuth tokens and service credentials used by third-party and AI platforms. Where possible, shorten token lifetime and remove standing access that allows a compromised service to persist across multiple systems.
  • Segment ecosystem access by function Separate customer data workflows, diagnostic services, supplier integrations, and production support paths so one compromised interface cannot reach every downstream system. Use policy checks, conditional access, and network segmentation to keep third-party access inside its intended boundary.
  • Correlate identity telemetry in SOC workflows Bring OAuth events, token issuance, API authentication, and third-party access logs into the same detection view as endpoint and cloud telemetry. This makes it possible to spot abnormal cross-domain access before it becomes production disruption or data exfiltration.

Key takeaways

  • Automotive cyber risk is shifting from isolated breaches to ecosystem-wide blast radius events.
  • OAuth tokens, APIs, and AI service integrations behave like governable identities when they carry delegated access across perimeters.
  • The control priority is visibility, scope, and lifecycle management for every third-party and non-human access path.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 and MITRE ATT&CK address the attack and risk surface, while NIST CSF 2.0, NIST SP 800-53 Rev 5 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
OWASP Non-Human Identity Top 10NHI-03Delegated tokens and service access are the core non-human identity risk in the article.
NIST CSF 2.0PR.AC-4The article centres on access scope and authorization across connected perimeters.
NIST SP 800-53 Rev 5IA-5Token lifecycle and authenticator management are directly implicated by stolen OAuth access.
MITRE ATT&CKTA0006 , Credential Access; TA0008 , Lateral MovementStolen tokens and cross-domain pivoting match the attack pattern described.
NIST Zero Trust (SP 800-207)Connected ecosystems require explicit trust boundaries and continuous verification.

Inventory and govern every OAuth grant, service account, and token as a managed NHI with expiry and ownership.


Key terms

  • Delegated Access: Delegated access is permission granted to one identity to act on behalf of another user, service, or system. In NHI environments, this usually appears in OAuth-connected apps and automation tooling. It is powerful, but it must be tightly scoped and reviewed because it can persist long after the original business need ends.
  • Cross-Perimeter Trust Chain: A cross-perimeter trust chain is a sequence of linked authorizations that crosses organisational or architectural boundaries. In connected environments, one trusted integration can open access to another, so the strength of the chain depends on the weakest identity and the broadest permission in the path.
  • Blast Radius: The potential scope of damage if a specific credential or identity is compromised. Identities with broad permissions have a larger blast radius and represent a higher priority for least-privilege enforcement and security controls.
  • Shadow NHI: A non-human identity created outside of formal governance processes and not tracked, managed, or known to the security team — creating an unmonitored attack surface. Shadow NHIs are commonly discovered during incident investigations.

What's in the full article

Upstream Security's full article covers the operational detail this post intentionally leaves for the source:

  • Weekly loss estimates and government intervention details from the factory shutdown case, useful for board-level resilience discussions.
  • The sequence of production suspension, forensic response, and phased restart across affected plants and supplier operations.
  • The third-party AI platform compromise narrative, including how stolen OAuth tokens were used to reach customer records.
  • The article's broader framing of APIs as the connective tissue across enterprise, vehicle, and ecosystem perimeters.

👉 Upstream Security's full article covers the production shutdown case, the third-party breach path, and the ecosystem risk model in more detail.

Deepen your knowledge

NHI Mgmt Group’s NHI Foundation Level course, the industry's only accredited NHI security programme, covers NHI governance, machine identity security, and secrets management. It is designed for practitioners who need to bring identity discipline to service access, token lifecycle, and delegated trust.
NHIMG Editorial Note
Published by the NHIMG editorial team on July 14, 2026.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org