Q&A: Upstream CEO on protecting trucks from cyber attacks – Fleet Management
Most fleets are not doing enough to protect their vehicles, cargo and customers from the threat of hacking, says Yoav Levy, co-founder and CEO of Upstream, a cybersecurity firm that specializes in protecting both individual vehicles and fleet assets.
HDT talks to Levy to see how hacking affects fleet operations. Here’s what you should know.
These interview questions have been edited for clarity, style and brevity.
HDT: Fleet managers are concerned about hacking and cyber attacks, but they often seem to think of these threats in terms of a future problem. You’ve said that the threat is already a massive problem and that they need to act now to protect their businesses, right?
Fee: Correct. Cyber attacks have increased exponentially in the last 10 years and the numbers are increasing at an astonishing rate. Cyber attacks on both individually owned vehicles (including passenger cars) and fleets have increased by 344% since 2010. These attacks are vicious and can cripple or even destroy a fleet business. If you don’t protect your fleet and vehicles now, you need to act soon before you become a target and a victim.
HDT: What are the main types of cyber attacks that fleets fall victim to?
Fee: The first threat fleets face is having their intellectual property stolen – which can then be used to facilitate other crimes later on. It is astounding to consider the vast amounts of proprietary business data stored on a modern truck. Thieves who hack into a vehicle can get everything from specification information, maintenance records, operational data, route information and even personal data: Where did the truck go last night? Where does this driver live? And it is not difficult to imagine how thieves can use this data for all kinds of criminal activity.
HDT: What is the second primary cyber attack threat?
Fee: Broadly speaking, we identify the next serious threat as fraud driven by monetary gain. In the old days, a thief had to break a window and plug in the ignition if they wanted to steal a vehicle. Today, they can just hack into the vehicle interface, or mobile app, unlock the doors and start the engine.
Pure vehicle theft is the most obvious threat here, but hackers can do many other things as well. They can roll back the mileage to make a warranty claim, for example. Or, if you lease trucks, they can roll back the odometer and not pay for the miles they actually ran the vehicle. They can disable exhaust aftertreatment systems so they don’t need to add diesel exhaust fluid, for example.
The only limit to the many types of fraud they can commit once they hack into a vehicle is their imagination.
HDT: And you’ve said that the third threat is actually the biggest one today – and growing.
Fee: This is a ransomware attack. Recently, hackers made news by getting into the software system of a Russian taxi fleet and sending all the cars into the center of Moscow to create a massive traffic jam. But you don’t even have to move vehicles to create huge problems for a trucking business. Imagine if you run a package and delivery fleet at Christmas time and hackers disable the ability to unlock the doors of the vans sitting in your yard. You begin to understand the magnitude of this threat.
There is still, I think, a tendency to think of ransomware attacks as coming from rogue nations. And there are very real threats – especially to hospitals. But ransomware attacks are on the rise. And fleets are very tempting – and vulnerable targets.
HDT: What should we know about cybercriminals?
Fee: They may start a hack with a specific goal, but they will almost always choose the first, or the easiest, opportunity they find when they are in your system. They are out to make money. And they want the easiest way to force you to give them. That makes it more difficult to defend against their attacks because it’s usually a cookie-cutter approach once they’ve hacked in. If they can’t get to the original goal, they will pivot to something easier.
HDT: Are there more ways cybercriminals can go about hacking into a fleet?
Fee: Yes. We see most of the hacks currently targeting telematics systems and application servers. But mobile apps are also an easy switch. The hacker pretends to be someone else and pairs the hacked app with a vehicle they don’t own, for example.
HDT: OEMs and suppliers of vehicle electronic control modules are trying to defend themselves against these criminals. Is the problem simply too big for them to defend against?
Fee: The threat is constantly evolving. I tell people to start thinking about their vehicles the same way they do when buying a new desktop or laptop computer. Of course, the manufacturer and software designers have impressive cyber security systems built into the new computer. But the first thing you should do when you get it home and start it up is to buy and install several antivirus and internet security programs. Because we all understand that the threat desktop and laptop computers face from hackers is far greater than a single software developer can effectively counter by themselves.
It’s time we start looking at our new vehicles in exactly the same way. No matter how good their proprietary cyber security systems are: They need extra protection.
HDT: How does Upstream help fleets get that extra protection?
Fee: At Upstream, we build a cloud-based cybersecurity platform that is purpose-built for connected vehicles from the ground up. And our platform analyzes connected vehicle data, looks at real-time telematics for data footprinting through both apps and over-the-air updates, data sources and data streams like modems and SIM cards to trigger alerts that tell us if someone is trying to remotely connect to a vehicle.
There are many different ways to hack a vehicle and we have many playbooks and answers written to take immediate action when a threat is detected. We can simply disable a SIM card inside a vehicle, for example, and stop a hacker dead in their tracks. We have also put in many automatic responses for certain types of attacks. And we monitor vehicles continuously from our security operations center. We work with almost every manufacturer on the planet and protect over 12 million vehicles worldwide.