Connectivity has become a competitive edge in the automotive industry. Like in so many other industries such as finance, healthcare, or insurance, stakeholders in the automotive sector realize the enormous potential that lies in connecting cars to the internet; using the data coming from the connected vehicle makes everyone happy: on the one hand drivers gain easier servicing and maintenance, and on the other, car manufacturers can use it to improve services, upgrade software, boost marketing, while car-fleets can use it for diagnostics such as maintenance alerts, health status reports, improve logistics, and even to monitor drivers’ behavior.
Car-fleets using aftermarket telematics face great risks
Connectivity is not only available as an embedded infrastructure within the car; thanks to the massive revenue and business value that lie in connected cars for all stakeholders, connectivity also became available through aftermarket devices installed in cars already on the road. These aftermarket telematics devices enable car-fleets interested in leveraging the functionalities of the connected car, to enjoy them without buying new connected vehicles.
A seemingly perfect solution for car-fleets looking to gain better operative performance using the car-generated data, it also bears risks: once the fleet is connected, it is immediately exposed to the most dangerous cyber threat today – a fleet-wide attack. The aftermarket telematics device serves as an entry point for hackers to penetrate either the vehicle itself, the telematics backend servers, or even the company’s IT network. Judging from experience, it’s clear today that telematics servers are an attractive target for hackers.
And car-fleet organizations are beginning to be aware of those risks: only recently, organizations such as the American Trucking Associations (ATA) and the National Motor Freight Traffic Association (NMFTA) emphasized the need for fleets and service providers to enforce security in their companies’ systems and equipment, due to the growing risks of integrating Automated Driving Systems (ADS) in commercial vehicles.
But what does “enforce security” really mean when talking about cars already on the road?
While an IDC research already estimated a 3-year security lag before systems catch-up with ever-evolving cyber threats, OEMs are ‘chasing their tales’ trying to secure every potential vulnerability and release safer connected cars to the market. But what about the cars already on the road today with telematics devices exposing them daily to cyber hacks? Companies running connected car-fleets need a security solution to protect their data, staff, and vehicles today, not in 3 years!
According to Gartner, there are over 100 million connected cars on the road today, and in some countries, the majority of the cars are already connected. Among these, car-fleets, many of the cars are connected via aftermarket telematics devices, and are in immediate risk of cyber attacks and data breaches. For these fleets, waiting for vulnerability patches from the Telematics Service Providers (TSP) or adding security components (either hardware or software) to the telematics device is not an option. The only viable solution for these car-fleets is a non-intrusive security mechanism that does not require any hardware installations or software updates, and can be deployed immediately on the cars already on the road today.
Protecting connected fleets already on the road today
Upstream Security protects car-fleets from fleet-wide attacks, vehicle hacks and data breaches by securing the technologies and applications of connected vehicles fleet and the data flow to and from the aftermarket telematics devices completely un-intrusively, and without requiring any hardware changes or OTA software updates. With comprehensive monitoring of the entire connected car ecosystem, Upstream uses proprietary AI (specifically machine learning) algorithms to track patterns, identify behaviors, and detect anomalies along the data flow between the vehicle, any service apps, and the backend telematics servers. This wholesome approach to securing both the vehicle and the network offers intelligent visibility to detect real-time incidents, giving the fleet’s stakeholders greater control and peace of mind.
H1'2022 Automotive Cyber Trend Report
Securing Smart Mobility Requires a Fresh Approach to API Security
Connected vehicles and smart mobility services use numerous APIs. Everything from OEM-driven companion apps, infotainment systems, OTA servers, telematics servers, and EV charging management or…Read more
EV Charging Stations Cyber Vulnerabilities Could Be EVs Achilles Heel
Electric vehicles (EVs) are a critical pillar of the global automotive revolution we’re experiencing today. Over the next five years, the US government will invest…Read more
Upstream’s 1000th Automotive Cybersecurity Incident: Use NFC Card to Gain Control in 130 Seconds
As a part of Upstream’s ongoing effort to monitor, analyze the cyber threat landscape and assess the impact of automotive-related cybersecurity incidents and vulnerabilities, we…Read more
Charging Station’s Cybersecurity Risks Endanger EV Adoption
Automakers and consumers are experiencing a breakthrough in electronic vehicle (EV) adoptability. Wide-spread easily accessible charging station networks are quelling range anxiety and replacing it…Read more