Cleared for takeoff? Upstream’s vSOC is the traffic control center for vehicles

Air traffic control centers play a critical role in ensuring the safety and efficiency of air traffic.

The control centers help prevent aircraft collisions, maintain the safety of aircraft and passengers and provide timely instructions to pilots to avoid potential hazards that could lead to catastrophes.

Much like air traffic control centers, vehicle security operations centers (vSOCs) are also the lifeblood of automotive safety and security. 

Like air traffic control centers, vSOCs also monitor critical assets – in this case connected vehicles, fleets, and mobility assets such as EV charging stations. Effective vSOCS enable 24×7 fast detection and response to cybersecurity incidents and attacks. Vehicle security operations centers also provide actionable insights on how to treat security risks based on playbooks and automated workflows tailored to each customer’s organization and work methodologies. The playbooks may include unique workflows such as blocking suspicious IP addresses, alerting the vehicle owners to phishing attempts and controlling the OTA servers.

Here at Upstream, we’re one of the first companies in the world to recognize the importance of providing vSOC services to OEMs. 

Today we operate 2 vSOCs in Michigan, U.S. and in our Israel HQs from where we monitor over 25 million connected vehicles and assets, working hand-in-hand with our customers to keep them abreast of cybersecurity threats around-the-clock.

Despite being in different domains, air traffic control centers and our vehicle security operations centers share key similarities including:

Real-time Monitoring – Air traffic control centers continuously track aircraft positions, altitudes, and movements. Similarly, our vSOC constantly monitors multiple converging data sources across the individual ECU, connected vehicle, and entire fleet to detect potential security threats in connected vehicles.

Incident Response – Air traffic control centers handle emergency situations, such as aircraft deviations, mechanical issues or adverse weather conditions. Our vSOC enables fast response to cybersecurity incidents such as cyber attacks and data breaches.
In a recent incident, our vSOC identified an attack whereby hackers were attempting to execute commands on vehicles and retrieve user information from the accounts by only knowing the victim’s VIN number. Our vSOC detected multiple VIN pairings and raised alerts in just a few minutes, triggering a fast response that ultimately resulted in blocking the hackers’ IP addresses.

Data Analysis – Air traffic control centers analyze radar data, flight plans, and other aviation-related information. Our vehicle SOCs analyze multiple data sources including telematics feeds, proprietary protocols, OTA software updates, vehicle APIs, in-vehicle sensors and more to identify potential risks and vulnerabilities. Leveraging the power of our cybersecurity platform, the vSOCs enable correlations across multiple geographies, time zones, vehicle types, driver types, and various vehicle ownership models (private, rented, shared).

Communication – Where air traffic control centers communicate with pilots, ground staff, and other control centers to ensure safe and coordinated operations, our VSOC teams communicate with our customers to address security concerns.
At Upstream we work with Fortune 100 OEMs, Tier-1 automotive suppliers and commercial fleet owners. When our vSOC teams are alerted to anomalies, they work hand-in-hand with customers to ensure that the threat is effectively treated, before it carries heavy repercussions. We also build custom playbooks that draw on our extensive experience working with multiple OEMs to facilitate fast response to threats and attacks.

Proactive Measures – Air traffic control centers implement air traffic management procedures and traffic flow optimization. Vehicle SOCs employ continuous monitoring, vulnerability assessments and threat intelligence to proactively address potential cybersecurity risks. Our vSOCs also leverage threat intelligence pulled from the clear, deep and dark web to provide an overarching view of the threat landscape.

Upstream’s vSOC requires minimal ramp-up time to integrate organically with existing processes and workflows. Our vSOC teams in Ann Arbor, Michigan and Herzliya, Israel are staffed with experienced analysts and researchers, many of them from elite cybersecurity Intelligence Corps units.

The underlying principles of safety, real-time monitoring, incident response and collaborative approaches remain vital in the air and on the ground. And just as it is crucial to have air traffic control center, it’s similarly imperative to have a vSOC in place to identify cybersecurity attacks before they affect vehicles and passengers.

To learn more about Upstream’s vSOC click here.