Stopping car hackers

The number of computer-connected vehicles on the road has jumped, and automakers have plans to add millions more offering over-the-air updates, on-demand features and technology perks that customers demand.

That, however, also means they can be vulnerable to cyberattacks that can steal personal information, take control of vehicle functions and even potentially provide hackers access to the greater electric grid.

And those threats are growing. Half of all auto cyberattacks in history occurred last year, and this year is on pace to top 2021's total.

That's according to Upstream Security Ltd., a startup offering a cloud-based automotive cybersecurity and data analytics platform that's opening its first vehicle security operation center outside of its native Israel in Ann Arbor, Mich.

"The auto industry is at a point now where autos and trucks and vehicles are really becoming just another device," said Richard Forno, assistant director of the Center for Cybersecurity at the University of Maryland, Baltimore County. "Autos are now just another smart device. As such, they are always connected. There are a range of security concerns for any other always-on device. With any new technology that becomes popular, you are going to see an increase in attacks."

That's where Upstream comes in. Working with automakers, it offers a layer of protection to identify and fight attackers, said CEO Yoav Levy.

"This is critical infrastructure that should be taken very seriously not only by the car company or the fleet owners," he said, "but also by the government."

He said vehicles are more vulnerable when they use public charging stations or are receiving over-the-air updates, which the industry is rapidly expanding.

Upstream has the ability to cover 90% of potential security attacks on a vehicle, he said. From its customers, it obtains information coming to and from connected vehicles, charging stations and other digital applications being collected in the cloud. Upstream's platform does security analysis and uses machine learning models to look for known and unknown anomalies in the data.

When anomalies are detected, actions can be taken to protect the vehicle or information. They include disabling the SIM card in a vehicle, working with the automaker's cybersecurity team and contacting the driver.

"We provide some kind of bird's eye view of the entire fleet," Levy said. "And it's being monitored by cybersecurity experts. Once they detect a threat or an anomaly, they can respond in close to real time with playbooks [of what actions to take] and mitigate the risk."

In this way, Upstream not only has been able to offer defenses to new vehicles, but also existing connected vehicles already on the road, which was one of the company's goals when it was launched in 2017.

Levy declined to specify which U.S. automakers have expressed interest in its system, but it has received funding from the alliance between Renault, Nissan and Mitsubishi, the Volvo Group, BMW and Hyundai Motor Co. as well as insurance companies and mobility firms.

The company picked Michigan for its operations center because of its proximity to automakers.

"We can learn a lot from them around their deep experience in automotive," Levy said. "We don't have any car company in Israel that builds cars, so our knowledge in automotive is very narrow."