This section lists some of the adversaries and attackers in Automotive. ## Enthusiast Attackers: Enthusiast attackers have physical access to the Engine Control Units (ECUs) at the circuit board level. They can solder ‘mod chips’ onto the board and have access to probing tools. They also have information on ECUs that have been hacked previously and have access to softwares and instructions developed by other members of car modification forums. The goal of the enthusiast hacker could be, but is not limited to, adding extra horse power to the car or hacking it just for fun. ## Corrupt Dealers: These are attackers that have access to the same capabilities as enthusiasts, but also have access to the car manufacturer's (OEM) dealer network. They may also have access to standard debugging tools provided by the car manufacturer. Their goal may be to support local car theft gangs or organized criminals. ## Organized Criminal: Organized Criminals have access to all of the above tools but may also have some level of control over the internal network at many dealerships. They may have hacked and gained temporary control of the Over-The-Air (OTA) servers or the In-Vehicle Infotainment (IVI) systems. This is very much like the role of organized criminals in other industries such as paid media today. Their goal is to extort money from an OEMs and/or governments by threatening to disable multiple vehicles. ## Malware Developers: Malware Developers have developed malicious software to attach and compromise a large number of vehicle. The malicious software would usually be designed spread from one vehicle to another. The goal usually is to take control of multiple machines then sell access to them for malicious purposes like denial-of-service (DoS) attacks or stealing private information and data. ## Security Researchers: These attackers are ‘self-publicized’ security consultants trying to make a name for themselves. They have access standard tools for software security analysis. They also have physical access to the vehicle and standard hardware debugging tools (Logic Analyzers, Oscilloscopes, etc). Their goal is to publicize attacks for personal gains.