Keeping Commercial Vehicles Rolling Amidst Climbing Cyber Threats


Content Marketing Manager

Today’s rising cybersecurity threats are not enough to break the will of the most advanced fleets- but they are enough to impact logistics.

The last few years have seen an alarming spike in cybersecurity attacks, up 344% in the last 5 years alone. This trend is well noticed across all vehicle types, but when it comes to commercial vehicles, our analyst dove into vulnerabilities that can impact downtime, threaten uptime, hurt revenue, and inject a helping of uncertainty into an already hurting supply chain.

Connected fleets as a target

The rise in attacks and greater strain on today’s supply chains raise a critical question- Are connected vehicles inherently weaker?

When considering the bounty from an attack, commercial vehicles may offer more than a sophisticated IT ransomware attack. Trucks hold goods, are the backbone of a business, and due to the J-1939 protocol, may reveal vulnerabilities that can be replayed against other businesses into the near future until they mitigate against such an attack, which will take time.

Direct expenses for a business will be related to detection, remediation, and mitigation of an attack. Indirectly, they will find their operations hindered for months, resulting in extended vehicle downtime and a blow to their reputation. In addition, if employee data was leaked during the breach, it will have an impact on morale as their locations, habits, and popular routes are exposed.

Should a fleet operator fail to display their best efforts to detect and thwart future attacks, they may even lose their ability to operate in certain regions if it is found that they do not comply with the J1939-91 and other cybersecurity standards and regulations.

Cloud-based cybersecurity as a catalyst for uptime and compliance

With many cybersecurity platforms on the market, ranging from in-vehicle IDPS, to in house solutions based on a SIEM data aggregator, only a cloud-based system can provide rapid up time without needing to install any hardware or software into the vehicle itself.

Yet, some operators choose to take a multi-layered approach, combining what comes pre-installed in their vehicles with the modern capabilities of cloud-enabled full-fleet visibility.

In-vehicle detection and prevention agents

In-vehicle data collection can either be built into a vehicle or via an Intrusion Detection Prevention Systems (IDPS). Both require designing integrated hardware and software that has high-level access to sensitive in-vehicle information.

For example, IDPS is purpose-built security controls that are placed throughout a vehicle. These agents rely on algorithms to monitor designated zones of the vehicle, looking for suspicious or anomalous behaviors. While these rule-based systems are constantly running in the background, an attacker with knowledge of the vehicle’s infrastructure can spoof or bypass the IDPS. This means that a hacker can penetrate a system and operate for a prolonged time without being detected.

After-market solutions rely on the OBD port, which has become a common attack vector accounting for 5.4% of all cybersecurity attacks from 2010 to 2021. Once penetrating this high-access gateway, a hacker can inject messages into the vehicle, gain remote access, reprogram new keys, and more.

Furthermore, in-vehicle agents need to be installed during or after production, which can be costly and at times are not backward compatible with existing vehicles.

In-house custom SIEM solutions

Developing an in-house solution allows OEMs and major fleet operators to pick and choose which capabilities matter most to them. Whether for cybersecurity or non-cyber use cases, these DIY solutions require venturing away from core capabilities into deep cybersecurity and data management technologies. Some of the hurdles include recruiting large dedicated and skilled teams, application management, ongoing roadmap development, and continuous updating according to the latest threat intelligence.

Unlike out of the box capabilities offered IT solutions, companies will need to self-identify use cases, pinpoint correct data sources, ensure 24/7 uptime, and prepare for unforeseen circumstances. OEMs and fleet operators quickly realize how these solutions fall short and struggle to maintain the high standard of security needed as the threat landscape evolves over time.

To build out cybersecurity capabilities, automotive-specific threat intelligence data collection, and ongoing monitoring, OEMs will need to master tools that are outside their core business.

Agentless and cloud-based capabilities

The cloud-based agentless approach of monitoring vehicles has multiple advantages surrounding cost, efficiency, visibility, and time to market.

Faster time to security is a benefit of a cloud-based solution. By not relying on in-vehicle hardware or software, onboarding is seamless and allows data and cyber teams to gain access and protect connected vehicles that are already on the road, as well as a wide range of data sources feeding directly into a single detection platform. This also saves the time of engineering teams who would need to develop, implement, and monitor an in-vehicle component to ensure proper operation.

Agentless approaches are also better suited for operations within a Vehicle Security Operations Center (VSOC), allowing for specialized monitoring across. These automotive-specific SOCs can implement vehicle digital twins and gain a bird’s eye view of multiple vehicles simultaneously, allowing them to recognize anomalies in a vehicle, across a fleet, or even throughout a region.

Uptime and revenue rely on true cybersecurity data

The data collected and analyzed for any fleet, whether for the purpose of global cybersecurity or regulatory compliance holds insights that can help modernize and monetize today’s vehicles.t, whether for the purpose of cybersecurity or regulatory compliance holds insights that can help modernize and monetize today’s vehicles.

This can be made most efficient using two of Upstream’s offerings.

The first is The Upstream Platform- a cybersecurity and data management platform for connected vehicles, purpose-built to help mobility stakeholders utilize the latent value found in data to secure, optimize, enhance, and further monetize their connected vehicles, fleets, and services.

The second is the Vehicle SOC (VSOC), which allows for companies to protect their fleets 24/7, regardless of if their vehicles are in a facility or on the road. This data can then be analyzed for non-cybersecurity use cases, such as preventing fraud, deterring property theft, securing OTA updates, and even thwarting AdBlue tampering.

Focused on using reliable data to ensure uptime? Dive deeper with our Protecting Commercial Vehicles: Continuous Operation and Uptime Amidst Cybersecurity Threats to see how.

Newsletter Icon

Upstream’s 2023 Global Automotive Cybersecurity Report

Newsletter Icon

to our newsletter

Sign up to receive updates delivered to your inbox

Follow the Data: Connected Vehicles & Beyond

Automotive OEMs executives deal every day with at least four strategic challenges: Reputational risk limitation Regulatory compliance Recall costs minimisation Reliability of service and customer…

Read more

The Future of Fleet Security: Are Autonomous Vehicles Secure?

In recent years, the delivery industry has seen a significant shift towards electrification and autonomous vehicles in an effort to streamline services and improve efficiency.…

Read more

The Race to Autonomous Mobility May Be Slowed Down by Hackers

Electric-driven and fully autonomous mobility services have the potential to solve some of the world’s biggest transportation challenges. They are bound to revolutionize the automotive…

Read more

The Power Grid Must Be Protected, But Are EV Charging Stations Secure?

The widespread adoption of electric vehicles (EVs) depends on a robust and reliable network of charging stations. However, as the number of EVs on the…

Read more