Unknown cybersecurity threats emerging as cars become connected

Cybersecurity firms are firing on all cylinders in response to the demand coming from the automotive industry. Yoav Levy, co-founder and CEO of Upstream Security, said the cybersecurity risk level has increased as vehicles get more software-driven. The evolution will also challenge cybersecurity companies with new and unknown threats.

More cybersecurity attempts and attacks on the automotive industry have been reported since the war between Russia and Ukraine unfolded. For example, hackers disabled several electric vehicle (EV) charging stations outside Moscow and displayed pro-Ukraine messages, according to Electrek's report in late February.

The supply chain also faced more attacks. Two of Toyota's suppliers were hacked in February and March, forcing the carmaker to shut down production temporarily. Levy said the cybersecurity industry has seen the risk level increase because of the tension in Europe.

A cloud-based solution enabling timely response

Founded in 2017, Upstream focuses on post-production cyber protection - for vehicles driven on the road. Many of the top 10 OEMs and some EV startups have adopted the company's technologies.

Upstream was the first company to offer cloud-based automotive cybersecurity solutions, Levy said. While many other solutions are installed inside a vehicle, the company's technology is agentless, requiring no software or hardware installation. Instead, it accesses the data flowing between connected cars and the OEM's cloud from the OEM's side.

Upstream's solution could be seen as a security analytics platform that analyzes data in an OEM's cloud in real time. It detects threats and anomalies with the help of its data analytics system.

Levy said the company provides customers with a bird's-eye view of the entire fleet. Automakers can monitor their vehicles through one platform aggregating all the alerts, threats or vulnerabilities. The feature enables personnel at the vehicle security operations center to immediately detect and respond to cybersecurity threats.

Working in the cloud brings Upstream several advantages. Levy said once the software is deployed, it can start right away to monitor vehicles already on the road. Moreover, when there is a new security vulnerability or threat, the company can finish a software patch or update the security policies on the platform within hours. On the contrary, in-vehicle solutions would have to do a firmware upgrade that could take months.

In addition, since a cloud-based solution does not require any software or hardware installed inside a vehicle, it does not have to go through a long and expensive production cycle. Therefore, the solution is more cost-optimized.

Levy also said Upstream can provide a holistic view to customers because it monitors EV charging stations, backend servers and over-the-air (OTA) updates besides the fleet. With different data sources, it is able to offer OEMs a more comprehensive solution and help them understand the cybersecurity posture of their fleets.

Besides helping OEMs secure their connected vehicles, Levy said Upstream offers opportunities for monetizing vehicle data. For example, automakers can utilize the specifics for additional purposes, such as predictive maintenance and product enhancement.

In addition, the company has established a strategic partnership with Mitsui Sumitomo Insurance (MSI) of Japan. The collaboration allows insurance companies to use connected vehicle data to improve risk management and customer experience.

Connected vehicles to bring unknown cyber challenges

As cars enable connectivity, they have brought new challenges to the automotive and cybersecurity industries.

Connected vehicles represent the convergence of IT and OT networks, Levy said, because they are controlled by the IT infrastructure such as telematics servers and application servers. The situation complicates the cybersecurity issues and explains why the automotive industry has shifted to implement protections from the design phase.

Levy said as vehicles become more software-driven, more bugs have been found. Some of the issues might be exploited and turned into security vulnerabilities. As a result, OEMs and suppliers have invested more money and resources. They need to monitor potential attack vectors, including OTA updates, mobile applications and charging stations. When cars get more complex, the cybersecurity risk and the level of complexity to secure them also increase.

While cyber vendors constantly develop better digital twins or virtual representations of a vehicle to enable enhanced protection, no solution can detect every single threat.

Additionally, as a nascent technology, connected cars will create lots of unknown issues in the industry. The market has moved rapidly from internal combustion engine cars to EVs. Evolving LiDAR and image processing technologies will keep driving autonomous car's development.

"We're sure that it's going to be other challenges in the future around protecting vehicles in the ecosystem," Levy said.

The unknown includes threats the new technologies could bring. Levy said the threat landscape has changed. For example, no one really tried to hack an EV charging station until about a year ago. But now, several attacks have been reported.

Looking ahead into 2022 and 2023, hackers will target more OEM servers and infrastructure due to the appealing vehicle data, according to Upstream. The CEO added that hackers are looking at places where they can gain money, especially areas that OEMs invest a lot.

Yoav Levy, co-founder and CEO of Upstream Security
Photo: Upstream, Micha Loubaton

Comments are closed.