"Cybersecurity concerns should be prioritized in fleets' agendas for 2024 to prevent cyber-assaults"
Boost in Cyber Threats Targeting Fleet Ecosystems in 2024
In the rapidly evolving world of automotive technology, cybersecurity remains a significant concern. According to Upstream Security's 2024 Global Automotive Cybersecurity Report, the primary threats in the fleet ecosystem are expected to be a substantial increase in cyberattacks with high or massive-scale impact, most of which are executed remotely.
These attacks are primarily aimed at vehicle firmware, critical systems such as advanced driver-assistance systems (ADAS), and software-defined vehicles (SDVs), which rely heavily on connectivity like over-the-air (OTA) updates and Vehicle-to-Everything (V2X) communications. The goal is to disable safety features, manipulate sensor data, and potentially cause accidents or disrupt fleet operations on a large scale.
The report reveals that 92% of these attacks are executed remotely, highlighting vulnerabilities in connected vehicle systems and cloud-based telematics. This trend underscores the importance of periodic software updates, a crucial step to ensure safety over wireless and more vulnerable communications.
Ransomware attacks, a significant issue in 2023, are expected to continue posing a threat. For instance, the 2024 CDK Global attack exemplified the severe industry disruptions that such attacks can cause.
The growing complexity of automotive cybersecurity, due to evolving technology like autonomy, connected services, and regulatory frameworks mandating enhanced protections, adds to the challenges.
Moving forward, threat actors are anticipated to attempt disabling charging stations or tampering with their activities. In 2024, the fleet ecosystem is expected to face new attack vectors, including applications and the expanding charging network.
Attacks against in-vehicle infotainment systems nearly doubled and accounted for 15% of total incidents in 2023, up from 8% in 2022. Sensitive data, such as personal identifiable information (PII), can be a valuable digital loot for threat actors on dark web black markets.
High and massive-scale attacks accounted for 49% of all 2023 attacks, up from 22% in 2022. Attacks against telematics and backend systems account for 43% of total incidents in 2023, up from 35% in 2022.
In response, many Original Equipment Manufacturers (OEMs) are increasingly aware of these threats and are taking an active approach to cybersecurity. Establishing a Vehicle Security Operations Center (vSOC) is the first step to counter mounting cyber threats in the fleet ecosystem.
Moreover, there's a growing focus on protecting Internet of Things (IoT) protocols and APIs to ensure smooth operations. In China, the emergence of new regulations helps expand the coverage of cybersecurity measures. However, the dark web, a part of the deep web, remains a part of the problem in cyber threats, as it contains websites not indexed by traditional search engines and only accessible through specialised browsers.
Recent incidents, such as the 1TB data leakage incident suffered by a global charging provider in 2023, underscore the importance of vigilance and proactive measures in the face of these evolving threats. The SEC's requirement for companies to report cyber attacks within 96 hours has led to a significant impact across the landscape, driving a greater emphasis on cybersecurity.
In conclusion, the 2024 landscape is marked by large-scale, remotely executed cyberattacks targeting fleet and vehicle ecosystems, focusing on safety-critical systems, connected vehicle technologies, and cloud-based infrastructure, posing serious operational and public safety risks.
- In the face of the predicted rise in cyberattacks on fleet ecosystems in 2024, the implementation of advanced fleet management systems that incorporate telematics and cybersecurity measures will be vital for commercial vehicle companies, to protect their fleet from remote attacks on software-defined vehicles, critical systems, and cloud-based infrastructure.
- As the trend of cyberattacks on connected vehicle systems continues to grow in 2024, upgrading fleet management technology with advanced telematics and cybersecurity features will not only help protect sensitive data but also ensure the smooth operation of commercial vehicles, in-vehicle infotainment systems, and the expanding charging network.
