Why Cybersecurity is Essential for Connected Fleets

Whether 5 or 500 vehicles, whether commercial shipping, public transportation, or ride sharing, today’s automotive fleets face countless challenges. They are contending with tectonic shifts in vehicle technology, business models, and fundamental economic underpinnings. In the battle to stay ahead, increase revenues and reduce costs, smart fleet managers are embracing smart fleets – in other words, the industry is trending rapidly toward digitalization and total connectivity.

Increased cyber connectivity, however, also means increased cybersecurity risks. Cyber threats grow in number and sophistication year after year. Just recently, researchers from Kaspersky Labs demonstrated that they were able to “conduct a man-in-the-middle attack and hack into different connected-car Android apps to exploit security vulnerabilities that enabled them to locate a car, unlock it, and in some cases, even start its ignition.” Further, this is not only a mega-fleet problem – all fleets are vulnerable to attack, and while larger fleets may run the risk of more headline-catching dollar values, smaller fleets are just as likely to experience an attack, and much less likely to survive it. Cyber attacks directly impact fleet productivity, revenue, and even driver safety.

What makes fleets so vulnerable to cyber attacks? What is the potential for damage? And what can be done about it?

Vehicle Fleets – Over-exposed, Under-protected

Vehicle today are complex networks of computers on the move, generating a vast amount of data throughout the course of their duties. Unlike computers in an office building, however, certain aspects of fleet management are unique to them – and make them more vulnerable to attack. To begin with, most fleets employ many drivers – sometimes each with a designated vehicle, and sometimes sharing vehicles. Fleet vehicles often drive more miles than other vehicles, interact with more service providers, fuel up at more fueling stations, are serviced at more garages, and park in more overnight parking lots. Each of these aspects, inherent to most fleet business operations, introduces a potential point of entry for bad actors.  Any system with Wi-Fi, Bluetooth, GPS or Internet connectivity—including federally-mandated electronic logging devices (ELDs) for trucking and transportation fleets—is an open door for cybercrime.

Concerning Consequences

The damage that a successful cyber attack can cause also goes well beyond the theft of money or damage to operations. Data – including identification and location information – is and will continue to be integral to how fleets function, and could be up for grabs if fleet security is breached. A massive data leak could damage company brand and reputation, place customers and service providers at risk, and jeopardize business outcomes to the point of forcing closure. Even more concerning? Once an attacker has access to a smart and connected vehicle, it is possible for them to fully control the vehicle – steering, accelerating, breaking – making it easy, and even likely, that they could cause damage to property, and even loss of life.

The consequences, of course, could be even more broad and widespread than that; an attack on the Manhattan Transportation Authority bus system, for example, could lead to massive economic losses and damage to economic resilience. In fact, a 2019 article demonstrated that an attack that accessed 13 vehicles within one square kilometer in Manhattan would be enough to shut down the entire city. As vehicles begin to connect directly with one another (V2V), with their supporting infrastructure (V2I) and with every other possible facet of the environment (V2X), the potential reverberations of an attack only grow.

How to Take Action

Too often, the company fleet and the software associated with it are overlooked, but when fleet vehicles have software access to the business IT infrastructure, it is crucial that they be included in the company’s comprehensive cybersecurity plan. Enigmatos knows that fleets face unique cyber challenges, and thus demand dedicated solutions. That’s why we built the world’s first end-to-end cybersecurity engine for connected fleets, designed from the bottom up for the automotive industry. The EnigmaOne Data Engine accesses and transforms raw in-vehicle data, providing unprecedented cybersecurity protection and operational visibility, easily accessed either on our proprietary platform or fully integrated within a fleet’s operational control center.

Fleets are at the forefront of a rapidly modernizing and interconnected digital revolution that will utterly transform the way we live and conduct business. But the promised future of transportation can only be realized if we are able to keep our most valuable assets truly secure. Enigmatos can get you there, with the automotive cybersecurity and data utilization platform to take your fleet into the digital era, safely.