Connected Vehicles are when they share data between servers, apps, and the vehicles’ various components to enable telematics services, smart mobility services, and more.
The following is data from the 2021 Global Automotive Cybersecurity Report – Research Into Cyber Attack Trends In Light Of Cybersecurity Standards And Regulations.
By 2023, connected vehicles are expected to account for a quarter of all passenger cars worldwide, and by 2025 they will comprise nearly 86% of the global automotive market. They’ll be far more sophisticated than they were when GM launched what could be considered the first “connected car” model in 1996 with only an emergency call system. Since then, many more computerized systems have been added, and vehicles will continue to evolve to include additional personalization advanced technological capabilities. While connected components and systems are critical to enhancing vehicles’ capabilities, advancing autonomous vehicles (AVs), and providing better user experiences, they also introduce additional vulnerabilities and entry points for hackers to leverage.
Taking into account that every recent security survey points to cybersecurity as the number one concern of the business community. Suppose you are a supplier of secure transportation services. In that case, ISDA suggests you address the issue of vehicle connectivity and educate yourself on the risk it presents to your principal or client.
To assist with the education process, We will go through the basic definitions of “connected vehicles.”
There are five primary modes of vehicle connectivity:
- Vehicle to Infrastructure (V2I) is a wireless data exchange between the vehicle and road infrastructure to get information about accidents, construction, parking, and more.
- Vehicle to Vehicle (V2V) – is data-sharing between vehicles, typically including location, to avoid traffic jams and accidents.
- Vehicle to Everything (V2X) – any data exchange or communication between a vehicle and other objects or road users, such as traffic lights, road markings, traffic signs, etc.
- Vehicle to Cloud (V2C) – is communication between a vehicle and cloud-based backend systems allowing the vehicle to process information and commands sent between services and applications.
- Vehicle to Pedestrian (V2P) – Communication between vehicles, infrastructure, and personal mobile devices to inform about the pedestrian environment enabling safety, mobility, and environmental advancements
The other phrase practitioners need to understand is “attack vector.”
An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.
Here are some attack vector statistics
- 32.9% of attack vectors are the server
- 26.3% of all attack vectors are from the Key Fob
- 28%OF INCIDENTS IN 2020 INVOLVED CAR THEFTS OR BREAK-INS
If you want to add to your knowledge, we suggest downloading Upstream Security’s 2021 Global Automotive Cybersecurity Report – Research Into Cyber Attack Trends In Light Of Cybersecurity Standards And Regulations.
ISDA is producing a knowledge center for its members to assist with the education process.