Upstream studied the impact of more than 170 documented, Smart Mobility, cyber incidents reported between 2010-2018 and projected future trends based on that eight-year history.
The Upstream Security Global Automotive Cybersecurity Report 2019 outlines how hackers attacked—from physical to long-range to wireless and more—and whom they targeted in the Smart Mobility space.
With every new service or connected entity, a new attack vector is born. These attacks can be triggered from anywhere placing both drivers and passengers at risk. Issues range from safety critical vehicle systems, to data center hacks on back-end servers, to identity theft in car sharing, and even privacy issues. The risk is immense. Just one cyber-hack can cost an automaker $1.1 billion, while we are seeing that the cost for the industry as a whole could reach $24 billion by 2023.—Oded Yarkoni, Head of Marketing at Upstream Security
Among the primary findings of the report:
While car manufacturers are an obvious target, Tier 1 suppliers, fleet operations, telematic service providers, car sharing companies and public and private transportation providers are facing an ever-increasing threat.
In 2018, the number of cybercriminals (Black hats) attacks eclipsed the number of White hat (security specialists who breaks into protected systems to test and asses their security) incidents. This is the first time that has happened in the Smart Mobility space.
Security needs to be multi-layered (defense in depth). This includes in-vehicle for close-proximity attacks, automotive cloud security for multiple vehicles, services and applications, and network security for the network side of the architecture.
42% of automotive cyber-security incidents involve back-end application servers.
Two new kinds of cyber-attacks are emerging through car sharing and driver exchange. These are having a measurable impact on fraud and data privacy.
Founded in 2017 by cybersecurity veterans from Check Point, Imperva and Juniper, Upstream Security is backed by Charles River Ventures, Glilot Capital Partners and Maniv Mobility.