Today’s rising cybersecurity threats are not enough to break the will of the most advanced fleets- but they are enough to impact logistics.
The last few years have seen an alarming spike in cybersecurity attacks, up 344% in the last 5 years alone. This trend is well noticed across all vehicle types, but when it comes to commercial vehicles, our analyst dove into vulnerabilities that can impact downtime, threaten uptime, hurt revenue, and inject a helping of uncertainty into an already hurting supply chain.
Connected fleets as a target
The rise in attacks and greater strain on today’s supply chains raise a critical question- Are connected vehicles inherently weaker?
When considering the bounty from an attack, commercial vehicles may offer more than a sophisticated IT ransomware attack. Trucks hold goods, are the backbone of a business, and due to the J-1939 protocol, may reveal vulnerabilities that can be replayed against other businesses into the near future until they mitigate against such an attack, which will take time.
Direct expenses for a business will be related to detection, remediation, and mitigation of an attack. Indirectly, they will find their operations hindered for months, resulting in extended vehicle downtime and a blow to their reputation. In addition, if employee data was leaked during the breach, it will have an impact on morale as their locations, habits, and popular routes are exposed.
Should a fleet operator fail to display their best efforts to detect and thwart future attacks, they may even lose their ability to operate in certain regions if it is found that they do not comply with the J1939-91 and other cybersecurity standards and regulations.
Cloud-based cybersecurity as a catalyst for uptime and compliance
With many cybersecurity platforms on the market, ranging from in-vehicle IDPS, to in house solutions based on a SIEM data aggregator, only a cloud-based system can provide rapid up time without needing to install any hardware or software into the vehicle itself.
Yet, some operators choose to take a multi-layered approach, combining what comes pre-installed in their vehicles with the modern capabilities of cloud-enabled full-fleet visibility.
In-vehicle detection and prevention agents
In-vehicle data collection can either be built into a vehicle or via an Intrusion Detection Prevention Systems (IDPS). Both require designing integrated hardware and software that has high-level access to sensitive in-vehicle information.
For example, IDPS is purpose-built security controls that are placed throughout a vehicle. These agents rely on algorithms to monitor designated zones of the vehicle, looking for suspicious or anomalous behaviors. While these rule-based systems are constantly running in the background, an attacker with knowledge of the vehicle’s infrastructure can spoof or bypass the IDPS. This means that a hacker can penetrate a system and operate for a prolonged time without being detected.
After-market solutions rely on the OBD port, which has become a common attack vector accounting for 5.4% of all cybersecurity attacks from 2010 to 2021. Once penetrating this high-access gateway, a hacker can inject messages into the vehicle, gain remote access, reprogram new keys, and more.
Furthermore, in-vehicle agents need to be installed during or after production, which can be costly and at times are not backward compatible with existing vehicles.
In-house custom SIEM solutions
Developing an in-house solution allows OEMs and major fleet operators to pick and choose which capabilities matter most to them. Whether for cybersecurity or non-cyber use cases, these DIY solutions require venturing away from core capabilities into deep cybersecurity and data management technologies. Some of the hurdles include recruiting large dedicated and skilled teams, application management, ongoing roadmap development, and continuous updating according to the latest threat intelligence.
Unlike out of the box capabilities offered IT solutions, companies will need to self-identify use cases, pinpoint correct data sources, ensure 24/7 uptime, and prepare for unforeseen circumstances. OEMs and fleet operators quickly realize how these solutions fall short and struggle to maintain the high standard of security needed as the threat landscape evolves over time.
To build out cybersecurity capabilities, automotive-specific threat intelligence data collection, and ongoing monitoring, OEMs will need to master tools that are outside their core business.
Agentless and cloud-based capabilities
The cloud-based agentless approach of monitoring vehicles has multiple advantages surrounding cost, efficiency, visibility, and time to market.
Faster time to security is a benefit of a cloud-based solution. By not relying on in-vehicle hardware or software, onboarding is seamless and allows data and cyber teams to gain access and protect connected vehicles that are already on the road, as well as a wide range of data sources feeding directly into a single detection platform. This also saves the time of engineering teams who would need to develop, implement, and monitor an in-vehicle component to ensure proper operation.
Agentless approaches are also better suited for operations within a Vehicle Security Operations Center (VSOC), allowing for specialized monitoring across. These automotive-specific SOCs can implement vehicle digital twins and gain a bird’s eye view of multiple vehicles simultaneously, allowing them to recognize anomalies in a vehicle, across a fleet, or even throughout a region.
Uptime and revenue rely on true cybersecurity data
The data collected and analyzed for any fleet, whether for the purpose of global cybersecurity or regulatory compliance holds insights that can help modernize and monetize today’s vehicles.t, whether for the purpose of cybersecurity or regulatory compliance holds insights that can help modernize and monetize today’s vehicles.
This can be made most efficient using two of Upstream’s offerings.
The first is The Upstream Platform- a cybersecurity and data management platform for connected vehicles, purpose-built to help mobility stakeholders utilize the latent value found in data to secure, optimize, enhance, and further monetize their connected vehicles, fleets, and services.
The second is the Vehicle SOC (VSOC), which allows for companies to protect their fleets 24/7, regardless of if their vehicles are in a facility or on the road. This data can then be analyzed for non-cybersecurity use cases, such as preventing fraud, deterring property theft, securing OTA updates, and even thwarting AdBlue tampering.
Focused on using reliable data to ensure uptime? Dive deeper with our Protecting Commercial Vehicles: Continuous Operation and Uptime Amidst Cybersecurity Threats to see how.
Upstream’s 2023 Global Automotive Cybersecurity Report
API Security Needs to be Integral in Automotive Threat Analysis and Risk Assesment
APIs enable the opportunity to innovate and improve services in the connected vehicle and smart mobility ecosystem. APIs are widely used in advanced features, services…Read more
NHTSA Updates US Cybersecurity Guidelines for Vehicles
Connected and software-defined vehicles technologies are on the rise, offering customers a better user experience, and introducing new monetization strategies for OEMs. Given the rising…Read more
Upstream Partners with Salesforce, Putting Connected Vehicle Data in Motion
The automotive industry is undergoing a massive transformation, building new revenue streams and business opportunities. Connected vehicle and smart mobility data are at the core…Read more
Securing Smart Mobility Requires a Fresh Approach to API Security
Connected vehicles and smart mobility services use numerous APIs. Everything from OEM-driven companion apps, infotainment systems, OTA servers, telematics servers, and EV charging management or…Read more