Revving Up Safety: UN Regulation R155 Now Covers Motorcycles

ELAD ROBB

Director of Cyber Threat Intelligence

February 26, 2024

On Jan. 26, the UNECE decided to include motorcycles, scooters, and electric bicycles in the scope of UNECE WP.29 R155. With this move, the UNECE underscores the increasing importance of monitoring and securing two-wheelers against burgeoning cyber threats.

As the motorcycle industry embraces advanced technologies like Adaptive Cruise Control and advanced connectivity, there is a growing need for robust cybersecurity measures. Many of today’s 2-wheelers are also becoming data centers on wheels, supporting millions of lines of code. And just like in vehicles, in motorcycles too every point of connection and APIs can serve as an attack surface for hackers.

Full spectrum of automotive attacks

Automotive cyber security risks run the gamut from hackers taking remote control of a vehicle to hackers exploiting APIs to obtain consumer data for financial reasons, or injecting malware into a vehicle’s operating system and demanding ransomware to remove it.

These attacks are already occurring.

As shown in Upstream’s 2024 Global Automotive Cybersecurity Report, there’s been a steep rise in telematics and application server attacks (43% of incidents in 2023, up from 35% in 2022) and in-vehicle infotainment attacks (15% of incidents in 2023, up from 8% in 2022).

The decision to extend the scope of UN Regulation 155 to motorcycles (vehicle category L) will be submitted to the UNECE-hosted World Forum for Harmonization of Vehicle Regulations (WP.29) for adoption in June 2024.

The new regulation drives the need for cybersecurity detection and response platforms. In addition to that, advanced cyber threat intelligence and a vehicle security operations center (vSOC) also play crucial roles.

Let’s explore the reasons for this need:

Growing expansion and sophistication of cyber threats

The motorcycle industry’s adoption of complex assistance systems makes 2-wheelers more susceptible to sophisticated cyber threats. Traditional cybersecurity measures may not be sufficient to protect against evolving cyber risks. Upstream’s Vehicle Detection & Response Platform (V-XDR) offers a comprehensive approach, incorporating multiple layers of defense to detect and respond to advanced threats effectively – on the vehicle, cloud, and connected application levels.

Comprehensive threat intel – a prevent-first approach

Upstream’s AutoThreat® PRO cyber threat intelligence provides a holistic view of the cybersecurity landscape and delves into the deep and dark web to proactively identify threat actors’ illicit activities. This is essential for motorcycle companies dealing with interconnected systems, as it allows for the identification of potential threats across the entire ecosystem, from the vehicle’s sBOM through externally connected devices and through to the company’s backend servers – flagging threat actors and targeted assets.

Fast response and remediation with the vSOC

In the face of cyber threats, swift response and mitigation are critical. Upstream’s vehicle security operations center (vSOC) enables near real-time monitoring remediation of cyber incidents and attacks. This ensures that potential cyber threats are identified and addressed promptly, minimizing the impact of disruption on the motorcycle company’s critical business operations and the safety of riders.

Regulatory compliance

With the expansion of UNECE R155, motorcycle companies will soon be obligated to adhere to specific monitoring and risk management requirements. Upstream Security’s XDR solution assists companies in achieving and maintaining regulatory compliance by providing a robust cybersecurity framework aligned with industry standards.

Implementing an advanced V-XDR solution and advanced services including threat intelligence and vSOC demonstrates a commitment to cybersecurity, instilling confidence among customers, partners, and stakeholders in the brand’s reliability and security.

As motorcycles, scooters, and electric bicycles become integrated into the connected and autonomous vehicle landscape, Upstream’s V-XDR cyber detection and response solution offer motorcycle companies a proactive and comprehensive approach to address the evolving cyber risks and ensure the security and safety of their vehicles and riders.

Contact us if you require assistance in navigating the new regulatory landscape.

Newsletter Icon

Upstream’s 2024 Global Automotive Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Newly Discovered IoT Vulnerabilities in ELDs Raise Risk for Fleet-Wide Attacks

In late March 2024, The Register published a unique coverage, describing multiple new vulnerabilities and elaborating on the cyber risks in ELDs (electronic logging devices)…

Read more

Navigating the Evolving Automotive Cybersecurity Regulatory Landscape

The automotive industry’s digital transformation has ushered in an era of unprecedented connectivity and technological advancement. Yet, it is also exposing mobility assets to a…

Read more

With Its Second Milestone Coming Soon, the Impact of UNECE R155 Continues to Expand

The UNECE WP.29 R155 regulation is rapidly evolving, reflecting the automotive industry’s commitment to addressing cybersecurity risks across an increasingly connected and technologically advanced mobility…

Read more

The GenAI Arms Race is Here

The Automotive and Smart Mobility Ecosystem is entering a new era of GenAI, democratizing attacks but also cyber defenses. On the one hand, GenAI is…

Read more