While automated vehicles (AVs) are expected to revolutionize future transportation systems, emerging AV technologies also open the door for malicious actors to compromise intelligent vehicles. As the first generation of AVs, adaptive cruise control (ACC) vehicles are particularly vulnerable to cyberattacks. Although recent efforts have been made to understand the impact of attacks on transportation systems, little work has been done to systematically model and characterize the malicious nature of these attacks. In this study, we develop a general framework for modeling and synthesizing two types of candidate attacks on ACC vehicles: direct attacks on vehicle control commands and false data injection attacks on sensor measurements, with explicit characterization of their adverse effects. Based on linear stability analysis of car-following dynamics, we derive analytical conditions that characterize the malicious nature of potential attacks. This ensures a higher degree of realism in modeling attacks with adverse effects, as opposed to simply considering constant or random attacks. The conditions derived provide an effective method for synthesizing strategic candidate attacks on ACC vehicles. We conduct extensive simulations to examine the impacts of intelligently designed attacks on microscopic car-following dynamics and macroscopic traffic flow. Numerical results illustrate the attack mechanism, offering useful insights into understanding the vulnerability of future transportation systems. The methodology developed allows for further study of the widespread impact of strategically designed attacks on traffic cybersecurity, inspiring the development of efficient attack detection techniques and advanced vehicle controls.