In every single sector, cybersecurity is an ever-imminent threat. However, when it comes to fleet management and large fleets of vehicles, threats are both harder to counteract and potentially manage.
As vehicles become smarter, so does the risk and the reward for hackers, of cybersecurity attacks on cars, vans and other vehicles. If your fleet has any smart features, it may not have major impacts at the minute but in five or ten years when technology is greater developed, then this becomes a problem.
In 2015, Chrysler was shown a massive security breach in their Jeep range, where hackers could disable braking, turn the radio on and off and even control the steering. This meant they had to recall 1.4 million cars to create a security patch.
Tesla has had some of its own issues as well. First hackers showed Tesla they were able to access the control system, activate the brakes, flatten door mirrors etc from over 12 miles away. Later on, a hacker from the same group demonstrated how it was possible to hack into a Tesla Model S P85 and installed software from other Tesla models onto it.
So how can you protect your fleet?
Any technical or connected car parts that receive regular updates, should be performed as soon as possible. Having out of date systems is a risk as this can sometimes mean a car has the potential to be exposed to a hack.
Thankfully hackers are now working with car companies to stress test vulnerabilities but keeping software and hardware up to date is paramount.
Attacks such as the NotPetya attack and WannaCry attack, both in 2017, exposed huge vulnerabilities with old Microsoft Windows systems.
In cybersecurity, one of the biggest risks is lack of education. If people do not realise what they are doing could be potentially harmful then cybersecurity will flourish. This could be as simple as leaving a work laptop in their car in full view or leaving a cabin with a fleet dashboard in unlocked while on a rest break.
Ensuring that everyone involved, not just your head office staff, are aware of the risks of cybersecurity helps to reduce your risk massively.
Whether you’re running an off the shelf system, or have a custom built software, databases on driver information, fleet type and any systems are one of the most valuable things your company owns.
With this information hackers can create a plan of action on how to disable your business, or even refuse to unlock the database without bitcoin payment. It can be a costly process and one that could cost your business money, trust and customers. If it is discovered you did not have adequate processes in place, then you can be fined for negligence. Even for that alone, having adequate protection such as multifactor authentication and single sign on keys (SSO keys) can help to show you had things in place.
If route data, or data on a fleet is visible from a website or database, then protecting this is incredibly important. With location data you can find home networks and create vulnerabilities as well as locating the head office.
Some hackers may even be able to reroute vehicles and cause chaos. As such, location data, perhaps used for delivery tracking should be kept secure and once the data needed has finished, the link stopped. Using a one-time access link prevents backdoor access.
For cities and fleet managers, having cars on separate networks and control systems can prevent a fleet from being taken out completely. Say a car on one network has a vulnerability, instead of all vehicles on that Vehicle to Vehicle network (V2V) being exposed and compromised, only a small batch are at risk.
As well as keeping your business moving, this prevents large scale attacks and reduces the overall risk to your business and employees.
This article was produced by Keith Michaels, convicted car insurance and drink drive insurance specialists, highly regarded for finding the best policy that suits your circumstances.