ANN ARBOR, Michigan—Monitoring billions of data points across the globe daily, Upstream, a cybersecurity company in the mobility space, helps ensure the safety of connected vehicles. The company recently introduced Ocean AI, an advanced generative AI solution, that will help it monitor vehicle data for cyberattack threats more effectively.
When Upstream released its 2024 cyber report, the results painted a dark picture of the future for cyber risks in transportation. Cyberattacks grew, which Shira Sarid-Hausirer, Upstream’s VP of marketing, said was expected. What the Upstream team didn’t expect, however, was the growth in cyber threats that targeted a wide scale of vehicles.
Upstream analyzed roughly 1,000 cyber incidents in 2021 and 2022 and found that about 20% could impact thousands, or even millions, of mobility assets, Sarid-Hausirer said. But when it analyzed 2023 cyber incidents, Upstream found that number had more than doubled to 50%.
“Here’s the inflection point,” Sarid-Hauser said to a group of automotive journalists at Upstream’s North American facility during a media event held at Upstream’s U.S. headquarters here. “Essentially half of incidents that were recorded last year had the potential to impact thousands, or even millions, of different vehicles or mobility assets. And it's a 2.5 times increase versus the previous years. That's where we see the beginning of a change.”
See also: Cybersecurity best practices help industry leaders secure their business
The risk of vehicle connectivity
Modern fleets function best when connected. Telematics systems that double as asset trackers, GPS devices, route optimization systems, predictive maintenance systems, and safety coaching systems help fleets increase productivity and fleet safety. However, the more connected a fleet vehicle is, the more opportunities are available for a bad actor to exploit it for personal, political, or, most often, financial gain.
The rapid increase in connectivity in trucking has forced the industry to evolve from CB radios and pen and paper to an entire ecosystem of tablets, cloud connectivity, and, for some fleets, connected EV chargers, leaving no modern fleet immune to cyberattacks.
Last September, Estes Express Lines fell victim to a ransomware attack that blocked access to its data. The company’s truck drivers were unable to electronically log their hours of service, and while the company hired an external cybersecurity team, the ransomware attack took three weeks to resolve.
As fleets continue connecting their trucks and systems, capturing thousands of data points a day, the threat of cyberattacks continues to grow larger, and automotive and transportation cybersecurity companies, such as Upstream, have more to monitor, and it grows day by day.
“There's a lot of new attack vectors that we're identifying as this ecosystem continuously expands,” Sarid-Hausirer said.
The advantage of generative AI
Upstream currently monitors 25 million connected vehicles and IoT devices across the globe. It also monitors billions of API transactions, or communication between two or more computers, such as telematics communications between the vehicle and the cloud.
This data is monitored by Upstream, which checks for anomalies that may indicate a security breach. If an anomaly occurs, Upstream investigates, works to understand the scope of the breach, then mitigates the risk by disabling the compromised system—if safe to do so—and notifying the driver, the OEM, or the involved parties.
Resolving cyberattacks as quickly as possible means Upstream must also stay ahead of or keep pace with the bad actors behind these cyber incidents. The advancement of artificial intelligence and generative AI have lowered the threshold for hackers and bad actors to infiltrate a system, but the same technology can be used to prevent an attack as well, and Upstream is proving this.
Using generative AI, Upstream introduced Ocean AI, the company’s advanced generative AI platform that enable effective cybersecurity risk remediation. Ocean AI is built into the Upstream mobility and detection response platform, enabling OEMs and IoT vendors to efficiently analyze data and cyber alerts, detect patterns, automate investigations, and accelerate cybersecurity operations, according to an Upstream press release.
The use of generative AI in Upstream’s operations helps “dramatically reduce the complexity of investigations and time to remediation,” Orit Gross, Upstream’s senior director of product, said. It accomplishes this through risk analysis, alert filtering and prioritization, and investigation and automation.
See also: Clark: Latest hacking schemes used by cybercriminals
Ocean AI helps the Upstream team with risk analysis by analyzing historical data and automatically identifying patterns and anomalies. This simplifies the analytic process for the Upstream team, freeing them up for solutions that need a human touch.
Through this analysis, Ocean AI can track the severity of alerts and identify trends and spikes that help Upstream prioritize cyber events. Ocean AI also gives Upstream analysts insights into specific types of alerts.
Ocean AI improves investigations by automating workflows through conversational chat. This feature allows Upstream to “ask” Ocean AI questions in a conversational manner, and instantly receive data based on their query. This includes questions like “Which assets triggered two or more alerts in the last 30 days?” Answers are given by analyzing data from multiple mobility assets, offering transportation ecosystem data in a comprehensive view.
As vehicles become more connected and technology becomes more advanced, cyber threats will continue to grow. Upstream’s goal is to protect vehicles to the point where a cyberattack will never impact a driver and fleet owner, Sarid-Hausirer told FleetOwner.