"Priority should be given to two crucial aspects in 2024 to thwart potential cyber threats for fleets"

In the year 2024, the fleet ecosystem faces two significant challenges: the proliferation of applications and the expansion of charging networks, both of which pose a risk of data leaks and have the potential to disrupt operations significantly.


In the rapidly evolving world of fleet technology, cybersecurity has become a paramount concern. The interconnected nature of vehicles and their ecosystem presents a significant opportunity for cybercriminals to target various stakeholders.

The United Nations Economic Commission for Europe (UNECE) has taken a proactive stance with the implementation of UNECE WP.29 R155 (UN Regulation No. 155), a framework for cybersecurity. Many Original Equipment Manufacturers (OEMs) are already leveraging advanced cybersecurity tools and solutions. However, the increasing complexity of vehicle software and the growing number of attack surfaces make it a challenging landscape.

The year 2023 saw a dramatic increase in cyber incidents, with high and massive-scale attacks accounting for 49% of all attacks, up from 22% in the previous year. Black hats executed 64% of these attacks, and 95% of incidents were performed remotely, 85% of them long-range.

Attacks against in-vehicle infotainment systems accounted for 15% of total incidents, nearly doubling from 8% in 2022. Vulnerabilities in Application Programming Interfaces (APIs) can provide remote control over vehicles and management systems, posing a significant risk.

The Vehicle-to-Everything (V2X) space, including Bluetooth connections and Over-the-Air (OTA) remote software updates, is another attack surface. Large-scale attacks targeting smart mobility vendors, fleet operators, and mobility Internet of Things (IoT) devices are a concern, and the charging network is a significant target. Both the hardware and the software components of charging stations are vulnerable to cyber-attacks, which can disrupt operations and cause the loss of vast amounts of operational and consumer data.

Periodic software updates are crucial for keeping wireless and other more vulnerable communication channels safe. Sensitive data, such as personally identifiable information (PII), can be sold on dark web black markets. A security researcher accessed a Japanese OEM developer's CRM database by exploiting misconfigured APIs and a lack of proper authentication and verification.

According to Upstream Security's 2024 Global Automotive Cybersecurity Report, the primary predicted threats to the fleet ecosystem in 2024 include a significant rise in sophisticated cyberattacks targeting automotive systems. These threats notably include:

  • Large-scale ransomware attacks causing major operational disruptions in the automotive ecosystem.
  • Remote cyberattacks, which constitute the majority of incidents (92% executed remotely).
  • Supply chain vulnerabilities, where weaknesses in third-party components such as chip manufacturers, service providers, or EV charging stations can be exploited to breach entire vehicle networks.
  • Increased impact and scale of attacks in 2023 compared to previous years, highlighting a critical inflection point for automotive cybersecurity.
  • Use of Generative AI by threat actors to enhance attack sophistication, alongside its potential use for detection and remediation.
  • The growing complexity of vehicle software, including Advanced Driver Assistance Systems (ADAS) and over-the-air (OTA) updates, which widen the attack surface and increase the risk of code injection and other hacking methods.

Upstream emphasizes the need for holistic, continuous cybersecurity strategies covering the entire supply chain, adherence to global cybersecurity standards (ISO/SAE 21434, UNECE WP.29), and real-time monitoring to mitigate risks in 2024 and beyond.

In summary, the 2024 threats focus on sophisticated, large-scale remote cyberattacks leveraging the interconnected nature of software-defined vehicles (SDVs), supply chain risks, growing software complexity, and new AI-powered attack methods impacting the entire fleet ecosystem. The charging process in the fleet ecosystem involves many PII elements, making it a prime target for cyber-attacks. In 2024, the charging network is another critical target for attacks originating from the cloud. Attacks against telematics and backend systems account for 43% of total incidents. The fleet ecosystem will face new attack vectors such as applications and the charging network in the coming year.

In 2024, the fleet ecosystem is predicted to face an increase in sophisticated cyberattacks, such as large-scale ransomware attacks targeting commercial vehicles and fleet management systems (telematics), potentially causing major operational disruptions. The charging network, whose processes involve personally identifiable information (PII), remains a prime target for cyber-attacks, with attacks against it accounting for a significant portion of incidents. Mitigating these threats requires a holistic, continuous cybersecurity strategy that covers the entire supply chain, adheres to global cybersecurity standards like ISO/SAE 21434 and UNECE WP.29, and employs real-time monitoring.
