- No category
Automotive IoT Cyber Risks: Redefining Smart Mobility Security
advertisement
Redefining Automotive & Smart Mobility IoT Cyber Risks SIM-enabled devices have evolved into critical infrastructure, redefining Automotive and Smart Mobility IoT risks and requiring stakeholders to ensure safety, operational availability, and data integrity © 2024 Upstream Security Ltd. All Rights Reserved 2 IOT CYBER RISKS: INSIGHTS FROM THE AUTOMOTIVE AND SMART MOBILITY INDUSTRY In the past several years, the Internet of Things (IoT) has transformed industries ranging from EV charging, agriculture, and construction to logistics and transportation. The automotive industry—most notably through the introduction of connected, software-defined vehicles and smart mobility services—is one of the most prolific users of IoT. In addition to offering unique insights into how cybersecurity risks evolve, the automotive industry can also provide a proven model for mitigating IoT cybersecurity threats. Automotive cybersecurity risks grew exponentially as more functionality was exposed to connectivity. And, as the attack landscape evolved rapidly, and new attack methods emerged, both industry stakeholders and regulators became acutely aware that any point of connectivity could be attacked. While the first era of automotive cybersecurity was characterized by experimental hacks and a rise in total cyber incidents—even as OEMs invested in improving cybersecurity resilience—today, cyber incidents have evolved into large-scale automotive attacks.1 An analysis of publicly disclosed cybersecurity incidents showed a dramatic shift towards large-scale attacks: approximately half of all cybersecurity incidents are "high impact", involving thousands of assets, or "massive impact," involving millions of assets. As more and more attacks are executed remotely—via APIs, telematics, and backend systems—malicious actors can gain access to a massive scale of mobility assets and sensitive data. Additionally, our study of 450 of the most active threat actors on the dark and deep web during the first half of 2024 found that threat actor motivation has shifted to scale and massive impact:2 Nearly 66% of deep and dark web cyber activities had the potential to impact thousands-millions of mobility assets Over 60% of activities involved multiple OEMs or had a global reach © 2024 Upstream Security Ltd. All Rights Reserved 3 Cyber attacks on IoT devices in the Automotive and Smart Mobility ecosystem carry greater risk and impact compared to other IoT devices, with threats to safety, trust, operational availability, and data privacy. A wide range of IoT devices are vulnerable to ransom attacks, including those managed at scale, such as fleet management solutions and telematics systems. In September 2023, a leading US-based trucking and fleet management solutions provider experienced a ransomware attack that resulted in customers being unable to electronically log their on-road hours—as required by federal regulations—or track their transported inventory.3 In response, the company hired external cybersecurity experts to investigate the attack and applied for a waiver from the US Federal Motor Carrier Safety Administration to allow truckers to use paper logs until service was restored.4 Almost three weeks passed before the company was able to resolve the issue, causing serious operational disruption for thousands of truck drivers, fleet operators, and inventory management teams. Increasing automotive cybersecurity risks and impact have prompted regulators and stakeholders to take part in the global effort to create a unified multilayered approach to protecting their IoT assets against cyber threats, adopting new regulatory and internal frameworks. IoT vendors and OEMs are working closely with suppliers, and cybersecurity solutions to support industry-wide compliance and certification efforts, as well as establish robust cybersecurity governance structures and testing processes. © 2024 Upstream Security Ltd. All Rights Reserved 4 SIM-ENABLED IOT DEVICES ARE CRITICAL INFRASTRUCTURE REQUIRING CYBER RESILIENCE The growth in mobility IoT devices across various industries—including electric vehicle supply equipment (EVSE), telematics service providers (TSP), fleet management, agriculture & construction, mining operations, smart cities, and public & private transportation to name a few—ushers in a new era of connectivity and efficiency. In this report, we chose to zoom in on Automotive and Smart Mobility IoT devices, which can be defined according to the following criteria: 01 SIM-enabled connectivity 02 Direct impact on transportation of goods and people The power of the network SIM-enabled IoT devices are powered by the same technologies that have transformed the automotive industry—enabling over-the-air (OTA) updates, software-oriented architectures, advanced digital experiences, and a wide array of value-added applications and services (based on APIs). 5G Connectivity: 5G, the 5th-generation mobile network, is a new kind of network that connects virtually everyone and everything, including machines, objects, and devices. Providing high multi-Gbps peak data speeds, ultra-low latency, more reliability, massive network capacity, and increased availability are some of the benefits of 5G wireless technology. It empowers new user experiences and connects new industries with higher performance and efficiency. It also enables advanced telematics and real-time monitoring, which is essential for many IoT devices in the mobility ecosystem. Softwaredefined (SD) architectures: SD architectures rely on configurable software components that are used to improve and upgrade products throughout their lifecycle, generate revenue from a wide range of feature-on-demand services, and offer innovative datadriven customer experience, ultimately delivering efficiencies, and creating deeper and longer relationships with customers. Application Programming Interface (API): APIs enable end-users and applications to access device functionality, as well as deliver data-driven experiences. Cybersecurity risks have also increased dramatically with the rapid expansion of APIs, while cost of attacking and attack thresholds have decreased, enabling attacks to grow in scale and impact exponentially as a result. Generative AI (GenAI): GenAI is currently redefining product and user journeys across the mobility and transportation value chain. In addition, GenAI can predict traffic patterns, analyze real-time data, and generate dynamic. © 2024 Upstream Security Ltd. All Rights Reserved 5 As in the Automotive and Smart Mobility ecosystem, IoT devices leverage the power of the network to deliver a superior experience and significantly improve operational efficiency. But they also present an ever-growing cyber attack surface, compromising operational integrity and infrastructure stability. In the US, CISA, the Cybersecurity & Infrastructure Security Agency, is the operational lead for federal cybersecurity and the national coordinator for critical infrastructure security and resilience. It identified 16 critical infrastructure sectors that are part of a complex, interconnected ecosystem, and any threat to these sectors could have debilitating national security, economic, and public health or safety consequences.5 Chemical Financial services Commercial facilities Food and agriculture Communications Government facilities Critical manufacturing Healthcare and public health Dams Information technology Defense industrial base Nuclear reactors, materials, and waste Emergency services Transportation systems Energy Water and wastewater systems The overarching line between all sectors comes down to direct impact on three critical factors: safety, availability, and sensitive data. Indeed, Automotive and Smart Mobility IoT cyberattacks can have severe implications for public safety and operational availability—and most commonly, sensitive data, ultimately resulting in loss of customer trust, diminished revenues, and large regulatory fines. © 2024 Upstream Security Ltd. All Rights Reserved (Source: CISA) Critical Infrastructure Sectors 6 SIM-enabled IoT devices usually do not leverage firewalls and other IT controls that protect enterprise IoT devices. Defining Automotive and Smart Mobility as ‘critical infrastructure’ emphasizes the substantial cybersecurity risks these devices pose and reinforces the need to prioritize their resilience. © 2024 Upstream Security Ltd. All Rights Reserved 7 Following are examples of mobility IoT cybersecurity incidents from the first half of 2024, as well as their implications. Safety The safety implications of Automotive and Smart Mobility IoT devices are fundamentally different from those of other IoT devices. Often, SIM-enabled devices are designed to enable mobility in the physical environment (e.g. fleet management devices, autonomous robots, sensors and connected equipment for agriculture, etc.), posing a risk to the safety of surrounding people. Furthermore, some IoT devices are directly connected to vehicles, which may have an impact on the functionality and control of fleets. Sales of Spanish EV chargers stopped amid cybersecurity regulations and threats to the national power grid In February 2024, the UK’s Office for Product Safety and Standards (OPSS) suspended sales of Spanish EV chargers for failing to comply with current cybersecurity regulations, raising concerns over potential risks to the national energy infrastructure.6 The company, which has sold 40 thousand units in the UK and over half a million worldwide, was allowed to continue to sell the chargers until June 30, 2024. This incident illustrates how EV charging vulnerabilities can result in damage to the electrical grid, as the potential vulnerability is caused by the product's connectivity to the internet and its ability to be operated through a mobile app. It was feared that attackers might gain access to many vulnerable chargers and disrupt the grid by switching on thousands at once. Potential impacts include control and manipulation of EV charging systems, and service disruptions to the national power grid due to damage to critical infrastructure. Security researcher finds critical vulnerability enabling remote control of traffic stop lights In June 2024, a security researcher discovered a critical authentication vulnerability in a traffic management system.7 The flaw allowed an unauthorized attacker remote access to the software, enabling modifications and manipulations of the traffic controller system, allowing control over stop lights. © 2024 Upstream Security Ltd. All Rights Reserved 8 Operational Availability and Economic Impact In the Automotive and Smart Mobility ecosystem, cyber attacks on IoT devices can have significant macroeconomic consequences, including the availability of goods and services, food production, critical manufacturing & construction, public transportation & infrastructure, operation of energy grids, etc. Data-driven experiences and advanced technologies have positioned IoT devices as fundamental enablers for fleet availability—Electronic Logging Devices (ELDs), fleet management systems, connected cameras, EV charging stations, automated tractors, etc.—and an attack on these devices could negatively impact the operational availability of entire commercial fleets. A cyber attack on a German agricultural machinery specialist disrupted global production In May 2024, a German agricultural machinery specialist suffered a cyber attack that impacted locations worldwide, forcing the company to halt production operations, shut down all IT systems, and call an external team of specialists.8 It is unclear how extensive the attack was, but as of May 29th, the company issued a press release stating that they have been able to resume production. However, the company was still in emergency mode and expected to have 100% process performance available again within four weeks.9 Security researchers exploit significant security vulnerabilities in ELDs required in all US commercial trucks In a paper presented at the 2024 Network and Distributed System Security Symposium, security researchers from Colorado State University demonstrated how ELDs can be accessed over Bluetooth or Wi-Fi connections to take control of a truck, manipulate data, and spread malware between vehicles.10 According to the American Trucking Associations’ 2021 Economics and Industry Data, there are nearly 14 million commercial trucks in the US,11 all of which are required to have ELDs, which poses a serious security risk for the US commercial fleet. © 2024 Upstream Security Ltd. All Rights Reserved 9 Researchers found that ELDs are distributed with default firmware settings with considerable security risks. The settings also use a Controller Area Network (CAN) bus to communicate, expose APIs for OTA updates, and use predictable identifiers, and weak passwords—simplifying unauthorized connections and access to vehicle systems for attackers in wireless range. Security researchers successfully connected to a 2014 model-year truck's Wi-Fi within 14 seconds, re-flashed the ELD, and sent malicious messages, causing the truck to slow down. The researchers reported the findings to manufacturers and the US Cybersecurity and Infrastructure Security Agency (CISA), highlighting the potential for widespread disruptions. These findings highlight the need to secure Smart Mobility IoT devices as critical infrastructure and the implications of not doing so. In comparison, the September 2023 attack on a leading US-based provider of trucking and fleet management solutions discussed earlier in the report—which resulted in serious operational disruption for thousands of truck drivers, fleet operators, and inventory management teams—was just a preview of what’s ahead.12 Future attacks may result in fleet-wide malware infection that compromises vehicle control systems on a massive scale, causing widespread service disruptions with serious safety and macroeconomic implications. © 2024 Upstream Security Ltd. All Rights Reserved 10 Sensitive Data By nature, IoT devices in the Automotive and Smart Mobility ecosystem generate and collect vast amounts of sensitive data, including PII, location, behavior, and financial information that can be used maliciously. Targeting IoT devices in this ecosystem enables threat actors to gain access to sensitive data on a massive and global scale via a single attack. Eastern European EV charging service suffered disruptions and a data breach affecting over 20,000 customers In February 2024, one of the largest Eastern European EV charging networks suffered a cyber attack which resulted in service disruptions and the data of at least 20,000 customers being leaked.13 The company confirmed the attack and stated that the data breach exposed customer names, emails, RFID tags, and car registration numbers. In addition to the data breach, the company suffered a temporary service disruption, affecting all of the company’s charging stations for several hours. Latin American transportation management software provider hit by ransomware attack In May 2024, a Latin American transportation management software provider focused on reducing costs for agriculture, commercial, and heavy-duty vehicles suffered a cyber attack by a ransomware group.14 The attackers threatened to publish the company's data if the ransomware wasn't paid. The potential impact may result in customers' PII and vehicle data being leaked, as well as disruptions to operations since ransomware usually encrypts and blocks access to the company’s systems. © 2024 Upstream Security Ltd. All Rights Reserved 11 GPS vehicle tracking app vulnerability exposed real-time vehicle location, affecting over 130,000 vehicles worldwide In May 2024, a security researcher discovered a critical vulnerability in a widely-used GPS smart mobility application, affecting over 130,000 cars worldwide.15 The flaw allowed unauthorized access to real-time car locations due to insufficient authorization measures in demo mode. The security researcher could view vehicle locations across various regions by manipulating the demo URL and cookie settings. The researcher alerted the company so that they could address and mitigate the problem. This incident illustrates the drastic impact APIs can have on mobility IoT cybersecurity, enabling massive-scale data breaches. European vehicle tracking and fleet management provider suffered a data breach exposing real-time vehicle tracking data A dark web threat actor claimed responsibility for a data breach at a prominent European vehicle tracking and fleet management software provider in May 2024.16 The data breach, disclosed on a dark web forum, exposed a vulnerability in the company’s internal systems compromising sensitive information including GPS IMEI numbers, real-time vehicle tracking data, billing details, and customer account information. The attacker indicated he had access to all the company’s internal systems, across more than 40 countries. As a result of the data breach, the company’s data, including customer PII, GPS tracking data, and customer billing information may be available for sale on the dark web. Cyber attacks on mobility IoT can have a severe impact on safety, operational availability, and data privacy, as shown above. Combined with the CISA guidelines, it is clear that SIMenabled IoT devices must be classified as critical infrastructure that requires enhanced cybersecurity resilience and protection. © 2024 Upstream Security Ltd. All Rights Reserved 12 CYBER RISKS TARGETING IOT DEVICES IN THE AUTOMOTIVE AND SMART MOBILITY ECOSYSTEM VARY SIGNIFICANTLY VS. IT-DRIVEN RISKS While cyber risks vary in complexity, attack method, and the layer they target, IoT devices must be protected across the application (e.g. internal and external APIs), cloud (e.g. backend systems, OTA updates), and device (e.g. logs, MQTT, OCPP data streams) layers. Mobility IoT Cyber Risks Layer/ Risks The Application (API) Layer The IoT Cloud Layer The IoT Device Layer Inadequate authentication & authorization Lack of encryption Implementation of vulnerable protocols Unsecured management interface Vulnerable third-party usage Insecurely configured APIs Denial of service attacks Insufficient physical hardening Supply chain vulnerabilities Sensitive information exposure Data loss and exfiltration (Source: Upstream Security) © 2024 Upstream Security Ltd. All Rights Reserved 13 Among the most common security vulnerabilities are poor authentication, authorization, encryption, physical hardening, and data protection—as well as weak API security, denial of service attacks, insecure admin interfaces, and vulnerabilities in third-party software, protocols, and supply chains. APIs pose a prime attack vector for massivescale attacks, and the security of IoT devices requires a holistic approach that contextualizes API traffic and operational data. The Automotive, Smart Mobility and SIM-enabled devices ecosystem is now shifting focus to secure product-related cyber risks. A comprehensive approach is required to navigate the multifaceted challenges associated with the rapid evolution of automotive technologies, including the exponential growth of new cybersecurity risks. © 2024 Upstream Security Ltd. All Rights Reserved 14 THE REGULATORY LANDSCAPE FOR IOT IS RAPIDLY EVOLVING IoT ecosystem growth in recent years has led to a wave of regulatory changes intended to protect users and critical infrastructure. Globally, legislators are becoming more aware of cybersecurity risks associated with IoT, and there has been a trend towards tighter regulation of IoT devices, with different countries adopting different measures at different levels—creating complexity that makes it difficult to comply on a global scale. In comparison to automotive cybersecurity regulations like UNECE WP.29 R155 and R165 and similar frameworks implemented by other regulators worldwide including the US (NHTSA) and China, IoT legislation is still in its infancy. But these initiatives underscore the shared understanding that IoT devices, specifically in the Automotive and Smart Mobility ecosystem, have a direct impact on critical infrastructure and must be regulated more closely. © 2024 Upstream Security Ltd. All Rights Reserved 15 Overview of IoT regulatory landscape Reporting Requirements Effective Date Comprehensive legal framework to protect the privacy of individuals. Fines up to 20M Euro or 4% of global annual revenue. Within 72 hours May 2018 EU member states The Cybersecurity Act Voluntary risk-based certification requirements, emphasizing data protection and cybersecurity. Without undue delay, and no later than 72 hours when possible June 2019 EU member states Cyber Resilience Act Comprehensive legal framework with strict cybersecurity requirements. Fines up to 15M Euro or 2.5% of global annual revenue. Within 24 hours TBD (2025) EU member states NIS2 Enhanced security measures and stricter enforcement measures. Fines of up to 10M Euro or 2% of global annual revenue. Within 24 hours, with additional reporting after 72 hours and 30 days October 2024 EU member states Product Security & Telecommunications Infrastructure Bill Comprehensive approach to integrating cybersecurity into product development and lifecycle management. Disclose incidents promptly April 2024 UK Cyber Trust Mark Labeling Voluntary cybersecurity labeling program for IoT devices. None End of 2024 US SEC Cybersecurity Reporting Requirements Companies must provide detailed annual reports on their cybersecurity risk management strategies, including governance best practices, and the board’s role in overseeing risks. Within 4 business days for material incidents; must provide comprehensive detail about the incident nature, scope, impact on operations and financials December 2023 US Regulation Impact on IoT GDPR Scope (Source: Upstream Security) © 2024 Upstream Security Ltd. All Rights Reserved 16 In the EU, the European Parliament approved the Cyber Resilience Act (CRA), a horizontal legislation, covering all products with digital components (both hardware and software).17 The CRA covers the entire lifecycle of products, offering a framework for cybersecurity governing the planning, design, development, and maintenance of products. The CRA also requires manufacturers to report actively exploited vulnerabilities and incidents, and mitigate risks effectively through the support period of the product.18 In the UK, the Product Security & Telecommunications Infrastructure Bill represents a significant regulatory shift for the IoT ecosystem, requiring a comprehensive approach to integrating cybersecurity into product development and lifecycle management.19 In addition to protecting consumers from cyber threats, the bill seeks to mitigate the risk of larger-scale attacks that may disrupt critical national infrastructure by exploiting interconnected devices. In the US, the Federal Communications Commission (FCC) voted to create a voluntary cybersecurity labeling program for wireless consumer IoT products.20 The cybersecurity labeling program builds on the significant public and private sector work already underway on IoT cybersecurity and labeling. The Securities and Exchange Commission (SEC) also adopted rules on cybersecurity risk management, strategy, governance, and incident disclosure by public companies.21 Evolving regulations worldwide reflect a concerted effort by governments and regulators to adapt to technological advancements, promote safety, and address privacy concerns—showcasing a global commitment to shaping the future of IoT. © 2024 Upstream Security Ltd. All Rights Reserved 17 INSPIRED BY R155: IOT STAKEHOLDERS MUST ADOPT A FRESH CYBERSECURITY PERSPECTIVE TO SECURE CRITICAL INFRASTRUCTURE The regulatory landscape for critical IoT infrastructure has not kept pace with cybersecurity risks, as with any disruptive technology. Automotive and Smart Mobility IoT technologies are constantly evolving, and as new applications, devices, and services are introduced, policymakers are continually rethinking regulations. The growth in cyber risks will require regulators to draft new laws, including those governing mobility IoT devices that impact safety, availability, and sensitive data. While regulations like the UK’s Product Security & Telecommunications Infrastructure Bill and the FCC’s voluntary Cyber Trust Mark Labeling program are a solid start and represent a significant regulatory shift for the IoT ecosystem, more needs to be done. To ensure IoT cybersecurity resilience and safety, attack vectors must be mapped, threat analysis and risk assessments (TARA), monitoring and reporting requirements must be standardized. But regulators don’t need to reinvent the wheel—the automotive industry offers a unique and proven model for addressing emerging IoT cybersecurity challenges— they can adapt the R155 CSMS framework22 to create IoT-specific regulations that can ensure a high level of cybersecurity, resulting in better safety and security for customers, while establishing uniform terminology, guidelines, targets, and scope. © 2024 Upstream Security Ltd. All Rights Reserved 18 Today's IoT cyber environment is diverse and dynamic, making rigid technical measures counterproductive. The R155 CSMS framework avoids outlining specific solutions and exact processes, instead stressing the importance of implementing a high standard of cybersecurity analysis. The guidelines outline the process and specify risk analysis and response targets, emphasizing the need to consider life-long cybersecurity threats and vulnerabilities during development, production, and post-production phases. IoT stakeholders need this flexibility to implement innovative cybersecurity approaches and continuously improve. R155 also requires OEMs to implement and maintain threat analysis and risk assessment (TARA) as well as monitoring throughout all stages of the vehicle lifecycle and across the entire value chain. Consequently, OEMs and suppliers are better able to identify and address security risks associated with new SIMenabled devices, architectures, and mobility services. The R155 CSMS framework is unique in its practical approach to cybersecurity, including concrete examples of threats and specified mitigations (Annex 5). But it is also based on a holistic approach, covering process and governance, as well as IT, product, OT, and IoT perspectives. R155 introduced a perception that the security of the vehicle is the result of securing all the layers from the backend and OTA systems through the vehicle interfaces and the vehicle itself. It also requires detecting cyber attacks based on connected vehicle data and mitigating them within a reasonable time frame. This holistic approach should also be implemented across the wider Mobility ecosystem and SIM enabled IoT devices. With SIM-enabled IoT devices considered critical infrastructure capable of impacting safety, availability, and sensitive data on a massive scale, stakeholders and regulators must stay one step ahead of threat actors. © 2024 Upstream Security Ltd. All Rights Reserved 19 It's important that stakeholders take a multifaceted approach to protecting their IoT and OT assets across the application, cloud, and device layers using advanced cybersecurity solutions: The IoT device layer Monitor and protect connected components by leveraging manufacturing or production data, device logs, MQTT, OCPP data streams, diagnostics, and more. The IoT cloud layer Expand detection capabilities to include backend systems, device telematics, OTA updates, remote commands, and diagnostics. The application layer Correlate API traffic with the contextual impact on operational systems and devices, enabling continuous API discovery and monitoring, as well as detection and response. The IoT ecosystem is approaching the scale and impact inflection point, which will occur abruptly, as it did in the Automotive industry. Without advanced cybersecurity solutions and internal frameworks in place, mobility IoT stakeholders may soon find themselves in trouble. © 2024 Upstream Security Ltd. All Rights Reserved 20 DELIVERING A HOLISTIC IOT-DRIVEN CYBERSECURITY SUITE Upstream helps Automotive and Smart Mobility IoT stakeholders, including connected vehicles and Automotive suppliers as well as a wide range of other IoT devices, monitor and secure their IoT devices, ensuring operational availability, protecting data integrity and privacy, and enhancing cybersecurity posture. Upstream delivers a multi-layered cybersecurity mobility detection and response platform (M-XDR), purpose-built for the Automotive, Smart Mobility and SIM-enabled IoT landscape, with a focus on the mobility and transportation ecosystem. This comprehensive approach delivers proactive threat analysis, robust detection and response, coupled with effective monitoring and remediation. THE APPLICATION (API) LAYER products and supply chain. Proactively identify cyber threats related to CYBER THREAT INTELLIGENCE MOBILITY SOC Dedicated SOC monitoring, investigations and remediation. Correlate API traffic with the contextual impact on operational systems and devices, enabling continuous API discovery and monitoring, as well as detection and response. THE IOT CLOUD LAYER Expand detection capabilities to include backend systems, device telematics, OTA updates, remote commands, and more. THE IOT DEVICE LAYER Monitor and protect in-vehicle cameras and connected components by leveraging manufacturing or production data, device logs, MQTT, OCPP data streams, diagnostics, and more. © 2024 Upstream Security Ltd. All Rights Reserved 21 Flexible & scalable architecture The Upstream Platform was built with smart mobility in mind, with a flexible architecture that supports the variety of data types generated and the ability to handle massive data sets. Millions of connected vehicles and IoT devices are monitored on the platform, across the device, cloud, and application (API) layers. Rapid support of new data types, such as the OCPP and MQTT protocols for quick time-to-security for fleet telematics devices, smart agriculture, and mobility IoT. Critical and unique smart mobility security insights are provided by Upstream’s mobility data analysis and behavioral profiling based on domain expertise and a comprehensive understanding of mobility data. Effective monitoring and detection with digital twins Upstream monitors SIM-enabled IoT devices in near-real-time, leveraging unique digital twins to detect compromised assets by recognizing anomalies using MLbased models. Upstream monitors all of mobility assets, creating a digital twin that reflects the individual state of each IoT device, connected machinery, charging station, server, and applications to provide stakeholders with a full view of operations. The digital twins enable the detection of compromised assets, such as Command & Control servers, that may result in prolonged service downtime. By monitoring all traffic on SIM-enabled IoT devices, the platform can detect anomalies that might compromise operational availability. © 2024 Upstream Security Ltd. All Rights Reserved 22 Robust API Security With Upstream’s contextual and application-aware security solution, mobility stakeholders can benefit from: API discovery: Get a complete catalog of all documented, undocumented, and deprecated-but-alive APIs with real-time traffic data, including APIs used by 3rd parties or internal services. API monitoring: Conduct ongoing conformance analysis with continuous discovery of static and dynamic traffic sources to identify potential vulnerabilities in your API landscape introduced by updates. Contextual detection: Apply advanced AI/ML models to effectively detect unknown threats and attacks, including complex low and slow attacks as well as attacks against the functionality of the devices through API vulnerabilities. No-code detector builder: Easily customize detectors and add new detection capabilities for emerging use cases and new business logic without coding or development resources. Mobility SOC analysts can monitor and detect API cyber threats in nearreal-time, find the information they need for effective mitigation, and trigger workflows in response to alerts—ensuring uninterrupted operations. Product-driven cyber threat intelligence Deepen understanding of cyber threats, and apply SBOM risk analysis during development, manufacturing, and production stages to proactively identify threats. Benefit from an intelligence-led strategy that includes thorough monitoring of the deep and dark web for effective cyber threat visibility and actionable mitigation. © 2024 Upstream Security Ltd. All Rights Reserved 23 REFERENCES 1. Upstream's 2024 Global Automotive Cybersecurity Report 2. Upstream Security research, as of June 30, 2024 3. https://therecord.media/orbcomm-trucking-software-ransomware, https://www.bleepingcomputer.com/ news/security/orbcomm-ransomware-attack-causes-trucking-fleet-management-outage/, https://www. marketscreener.com/quote/stock/HAYNES-INTERNATIONAL-INC-46351/news/Haynes-International-IncBegins-Network-Outlet-of-Cybersecurity-Incident-44109194/ 4. https://www.bleepingcomputer.com/news/security/orbcomm-ransomware-attack-causes-trucking-fleetmanagement-outage/ 5. https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience/critical-infrastructure-sectors 6. https://www.telegraph.co.uk/news/2024/02/21/car-charger-withdrawn-hackers-could-attack-national-grid/ 7. https://x.com/Lemonitup/status/1803157586771915252 8. https://lemken.com/de-de/lemken-aktuelles/landtechnik-news/detail/lemken-von-cyberattacke-betroffen 9. https://lemken.com/en-en/news/agriculture-news/detail/production-has-restarted 10. https://www.ndss-symposium.org/wp-content/uploads/vehiclesec2024-47-paper.pdf 11. https://www.trucking.org/economics-and-industry-data 12. https://therecord.media/orbcomm-trucking-software-ransomware, https://www.bleepingcomputer.com/ news/security/orbcomm-ransomware-attack-causes-trucking-fleet-management-outage/, https://www. marketscreener.com/quote/stock/HAYNES-INTERNATIONAL-INC-46351/news/Haynes-International-IncBegins-Network-Outlet-of-Cybersecurity-Incident-44109194/ 13. https://www.delfi.lt/en/business/data-of-20-000-ignitis-on-clients-leaked-in-cyber-incident-95857777 14. https://www.breachsense.com/breaches/ecotruck-data-breach/ 15. https://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes766e76003c67 16. https://thecyberexpress.com/alleged-frotcom-data-breach/ 17. https://www.europarl.europa.eu/news/en/press-room/20240308IPR18991/cyber-resilience-act-mepsadopt-plans-to-boost-security-of-digital-products 18. https://digital-strategy.ec.europa.eu/en/library/cyber-resilience-act-factsheet 19. https://www.gov.uk/government/publications/the-uk-product-security-and-telecommunicationsinfrastructure-product-security-regime 20. https://docs.fcc.gov/public/attachments/DOC-401201A1.pdf 21. https://www.sec.gov/news/press-release/2023-139 22. https://unece.org/sites/default/files/2021-03/R155e.pdf © 2024 Upstream Security Ltd. All Rights Reserved ABOUT UPSTREAM Upstream Security offers a cloud-based automotive cybersecurity and data management platform purpose-built for connected vehicles, IoT devices and smart mobility services. Upstream’s platform fuses machine learning, data normalization, and digital twin profiling technologies to detect anomalies in real-time using existing automotive data feeds. Coupled with AutoThreat® Intelligence, the first automotive cybersecurity threat intelligence feed, Upstream provides unparalleled cybersecurity and data-driven insights, seamlessly integrated into the customer’s environment. Upstream is privately funded by Alliance Ventures (Renault, Nissan, Mitsubishi), Volvo Group, BMW, Hyundai, MSI Insurance, Nationwide Insurance, Salesforce Ventures, CRV, Glilot Capital Partners, and Maniv Mobility. For more information VISIT US AT: www.upstream.auto CONTACT US: hello@upstream.auto FOLLOW US:
0
advertisement
Download
advertisement
Add this document to collection(s)
You can add this document to your study collection(s)
Sign in Available only to authorized usersAdd this document to saved
You can add this document to your saved list
Sign in Available only to authorized users