making connected cars safe and secure. for everyone. · ⓒ2019 upstream security ltd. all rights...
TRANSCRIPT
![Page 1: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/1.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. © 2019 Upstream Security Ltd. All Rights Reserved.
MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE.
Dan Sahar | VP Product
![Page 2: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/2.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved.ⓒ 2019 Upstream Security Ltd. All Rights Reserved.
THE STATE OF AUTOMOTIVE CYBER-ATTACKS
2019
![Page 3: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/3.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
RAPID GROWTH OF CYBER-ATTACKS ON THECONNECTED AUTOMOTIVE INDUSTRY / 2010-2018
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
![Page 4: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/4.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
THE TABLES HAVE TURNED BLACKHAT ATTACKS EXCEED WHITE HAT IN 2018
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
![Page 5: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/5.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
INCIDENTS277
[updated June 2019]
2018
71
2019
77
June
?
![Page 6: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/6.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
Q1 2019 REPORT
Q1’18 Q1’19
300%
2019 Upstream Security Ltd. All Rights Reserved. Confidential.
Q1 2019 REPORT
Q1’18 Q1’19
300%
![Page 7: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/7.jpg)
![Page 8: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/8.jpg)
![Page 9: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/9.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
WIRELESS ATTACKS ARE BECOMING MORE POPULAR THAN PHYSICAL ONES.
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
![Page 10: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/10.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
THE RISE OF LONG-RANGE ATTACKS
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
![Page 11: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/11.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
CHICAGO CAR2GO APP HACKED - 100 CARS ARE MISSINGApril 19, 2019. Chicago, USA
Sources: https://www.autoblog.com/2019/04/17/car2go-app-hacked-chicago-100-cars-stolen https://www.theverge.com/2019/4/17/18412750/daimler-car2go-share-now-app-chicago-car-fraud-theft-arrests-stolen-benz
![Page 12: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/12.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
TENCENT KEEN SECURITY LAB: REMOTELY CONTROL TESLA’S STEERING SYSTEM
Keen Security
INTERNET
INFOTAINMENT GATEWAY APE
MITMWIFI/3G/4G
CAN BUS / ETHERNET
CONTROL STEERING SYSTEM
March 2019
![Page 13: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/13.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
April 2019
Remote stop engine commands
7,000ACCOUNTS
Reference: https://www.vice.com/en_us/article/zmpx4x/hacker-monitor-cars-kill-engine-gps-tracking-apps
GoTrack
20,000ACCOUNTS
![Page 14: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/14.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
CO
MPA
NIE
S IM
PAC
TED
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
![Page 15: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/15.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
TELEMATICSCONNECTED CARS
CONNECTED VEHICLE SECURITY ARCHITECTURE
MOBILITYSIEM
AUTOMOTIVECLOUD
CYBERSECURITYDETECTION
VEHICLE SECURITYOPERATIONS
CENTER
ENTERPRISESIEM
ENTERPRISEWORKFLOW
OT SECURITY IT SECURITY
ENTERPRISE CYBERSECURITY DETECTION
ENDPOINTS NETWORK SERVERS MOBILEMOBILITYSERVICES
VEHICLE APIs AND SENSORS
OT IT
VSOC
ASSETS
IN-VEHICLEAGENT
DETECTION
![Page 16: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/16.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
TELEMATICSCONNECTED CARS
MULTI-VEHICLE (FLEET-WIDE) ATTACK
AUTOMOTIVE CLOUD
MOBILITYSIEM
AUTOMOTIVECYBERSECURITY
DETECTION
SECURITYOPERATIONS
CENTER
ENTERPRISESIEM
ENTERPRISEWORKFLOW
OT NETWORK IT NETWORK
ENTERPRISE CYBERSECURITY DETECTION
ENDPOINTS NETWORK SERVERS MOBILE
OT
![Page 17: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/17.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
TELEMATICSCONNECTED CARS
DETECTION AND SOC ALERT
AUTOMOTIVE CLOUD
MOBILITYSIEM
AUTOMOTIVECYBERSECURITY
DETECTION
SECURITYOPERATIONS
CENTER
ENTERPRISEWORKFLOW
OT NETWORK IT NETWORK
ENTERPRISE CYBERSECURITY DETECTION
ENDPOINTS NETWORK SERVERS MOBILE
OT
ENTERPRISESIEM
![Page 18: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/18.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
TELEMATICSCONNECTED CARS
ENTERPRISE SIEM ACTIVATE WORKFLOW TO MITIGATE THE RISK
AUTOMOTIVE CLOUD
MOBILITYSIEM
AUTOMOTIVECYBERSECURITY
DETECTION
SECURITYOPERATIONS
CENTER
OT NETWORK IT NETWORK
ENTERPRISE CYBERSECURITY DETECTION
ENDPOINTS NETWORK SERVERS MOBILE
OT
ENTERPRISESIEM
ENTERPRISEWORKFLOW
![Page 19: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/19.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
TELEMATICSCONNECTED CARS
ATTACK MITIGATED
AUTOMOTIVE CLOUD
MOBILITYSIEM
AUTOMOTIVECYBERSECURITY
DETECTION
SECURITYOPERATIONS
CENTER
ENTERPRISESIEM
ENTERPRISEWORKFLOW
OT NETWORK IT NETWORK
ENTERPRISE CYBERSECURITY DETECTION
ENDPOINTS NETWORK SERVERS MOBILEMOBILITYSERVICES
VEHICLE APIs AND SENSORS
OT IT
![Page 20: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/20.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
VISIT OUR ONLINE REPORTED CYBER INCIDENTS REPOSITORY www.upstream.auto/research/automotive-cybersecurity
![Page 21: MAKING CONNECTED CARS SAFE AND SECURE. FOR EVERYONE. · ⓒ2019 Upstream Security Ltd. All Rights Reserved. THE STATE OF AUTOMOTIVE CYBER-ATTACKS 2019](https://reader033.vdocument.in/reader033/viewer/2022060707/6073302ed184bd508467da4c/html5/thumbnails/21.jpg)
ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential. ⓒ 2019 Upstream Security Ltd. All Rights Reserved. Confidential.
THANK YOU !