Hitting Tens of Thousands of Vehicles At Once | Episode 131
Compromise a cloud service, and tens thousands of vehicles can be affected at once. Matt MacKinnon of Upstream Security walks us through the world of cloud security for connected vehicles, transport trucks, tractors, and other "stuff that moves."
Waterfall team
“…the idea that someone might impact a bunch of vehicles to cause accidents is real. That absolutely could happen.”
About Matt MacKinnon and Upstream Security
Matt MacKinnon handles Global Strategic Alliances at Upstream Security. Matt is an accomplished manager with success in leading initiatives across a variety of technologies and environments. Matt’s experience prior to his role at Upstream Security includes working at JupiterOne, Shift5 and Armis Security.
Upstream Security (LinkedIn Page) provides a cloud-based data management platform specifically designed for connected vehicles. This platform specializes in automotive cybersecurity detection and response (V-XDR) and data-driven applications. Essentially, it transforms highly distributed vehicle data into a centralized and structured data lake, allowing customers to build connected vehicle applications. A key component of this platform is AutoThreat® Intelligence, an automotive cybersecurity threat intelligence solution that provides cyber threat protection and actionable insights. Upstream integrates seamlessly into the customer’s existing environment and vehicle security operations centers (VSOC). Upstream’s clientele includes major automotive OEMs, suppliers, and other stakeholders, and they protect millions of vehicles.
Share
Transcript of this podcast episode #131:
Hitting Tens of Thousands of Vehicles At Once | Episode 131
Please note: This transcript was auto-generated and then edited by a person. In the case of any inconsistencies, please refer to the recording as the source.
Nathaniel Nelson
Welcome, everyone, to the Industrial Security Podcast. My name is Nate Nelson. I’m here with Andrew Ginter, the Vice President of Industrial Security at Waterfall Security Solutions, who’s going to introduce the subject and guest of our show today. Andrew, how’s it going?
Andrew Ginter
I’m very well. Thank you, Nate. Our guest today is Matt McKinnon, the Director of Global Strategic Alliances at Upstream Security. And I don’t know if you remember a number of episodes ago, we had a gentleman on talking about the CAN bus in automobiles, the hundreds of CPUs in in a modern automobile and how that CAN bus, that that network of of automation reached out to the cloud, to the vendor cloud, whoever built the automobile.
Matt and upstream secure that cloud. So we’re going to be talking about the security of of cloud systems connected to automobiles.
Nathaniel Nelson
Then without further ado, here’s your conversation with Matt.
Andrew Ginter
Hello, Matt, and welcome to the show. Before we get started, can I ask you to introduce yourself, to say a few words about your background and about the good work that you’re doing at Upstream Security?
Matt MacKinnon
Andrew, thanks for having me today. Yeah, I’ve been working in network security or cybersecurity in general for the better part of the last 25 years. Got started in network security, endpoint security, IoT security, did even some DOD work and some cloud security. So kind of been around the cybersecurity market in a lot of different ways. Most recently, I’ve been working in automotive or mobility IoT security.
This is in particular where I am today is upstream security where we protect cars and trucks and tractors and pretty much anything that moves around and is connected via cellular network. I was really drawn to this company because of the connection between mobility and things that physical things that move around in cybersecurity and it really is easy to relate to everyday life and very rewarding to be able to work on something that we can sort of see and feel and observe in our everyday life.
Andrew Ginter
And our topic today is automobiles. I mean, we had a guest on a little while ago talking about the CAN bus in automobiles, in trucks, in you know things that move. You’re not talking about the CAN bus. You’re still talking about things that move, but you’re up in the cloud. Can you explain to us what is that? What’s happening out there? How how does it work and and why should we be worried?
Matt MacKinnon
It’s a great question. And it’s really important to think about what’s happening with with cars and with trucks and how they operate today and and what’s how we think they’re going to change in the future as well. So if we think about your modern car, it has really got a lot of computers in it. Everything from the infotainment system to the the most modern things have autonomous driving. So in those cars, the car itself can be can be compromised.
Those cars communicate with the cloud. They send a lot of telematic data about where they are and what they’re doing into the cloud. This is very useful for a lot of different purposes. We also have app on our phones. We can schedule a remote start or we can schedule service of the dealer and things like that on our phones.
When we get into electronic vehicles, we have to charge them. And so we connect them to charging stations and we have to authenticate and pay for electricity. And so what Upstream has realized and recognized many years ago was that no longer can you worry about just securing the car itself. The car is part of this connected ecosystem. And if you’re not looking at that entire ecosystem at once, you’re really not looking at the full spectrum of what can be compromised. The other thing that’s interesting to look at from the last five or 10 years is Upstream does an annual report about the state of automotive cybersecurity. And we’ve been doing it since about 2019. There’s really been a pretty dramatic shift in in the cybersecurity or automotive cybersecurity over that time. If you look back 2014, 2015, people were trying to compromise or hack or steal one car at a time. But if you look at the data today, that’s not the case at all.
Over 95% of the attacks that happened last year didn’t even require physical access to the vehicle at all. Over 50% of the attacks that happened at last year were attacks against thousands, if not millions of vehicles at one time. So we’re no longer talking about bad actors just trying to steal your car or my car. We’re talking about bad actors who are really going after these connected systems that we just talked about and and how can they compromise that entire system, not just one guard car at a time.
Nathaniel Nelson
Andrew, before we get into all of the detail of what he said there, can you just give me a brief overview? We’ve talked about it in a couple of episodes before, but what does the threat attack surface of my car look like? Because I have some notion that my center console is a computer and maybe some other parts of the car, but it sounds like it’s more than that.
Andrew Ginter
Yeah, we had Ken Tyndall on and he was one of the designers of the CAN bus, which is the the dominant communication system that’s used in modern vehicles. I recall that he said, look, Andrew, at the rate at which we’re adding features to the vehicle. For example, if you have a feature that says you can only start the car if your foot’s on the brake. He says for each feature we used to run and a wire, a small wire with an analog signal from let’s say the brake sensor directly to the logic that that controlled the the key and the ignition.
And there was a lot of features being added. And so for every feature when one part of the car was relevant to another part of the car, you had to run a new wire. He said they did a projection at the rate at which new features were being added, they figured that new cars by the year 2050 would be solid copper, which is, of course, nonsense. And so they invented the CAN bus. And so now most devices in in vehicles that are relevant to a feature like the brakes when you’re starting a car or something like that, they have a little CPU.
And they get power on one wire, they get the the network communications on another little wire, and now every piece of the car has one, two wires, or maybe one if you can run both power and and signal over the same wire, has one or two wires running in with not a gazillion, one for each sort of feature that is affecting another part of the car, which means a modern car has two or three hundred CPUs in it with, each CPU has a little wire or two running to it. This is this is the modern vehicle. There’s a lot of software in the vehicle.
Nathaniel Nelson
And then how does that connect to Matt’s domain, the cloud?
Andrew Ginter
Yeah, so many vehicles are connected through the cellular network or by other means, satellite, whatever, but most often I think it’s cellular, to the vendor. Whoever made the car or Matt’s business upstream is upstream security is interested in the big 18 wheelers and tractors in anything that moves. But let’s stay with cars for now. You buy a car from whoever, Chrysler, Ford, whatever. A lot of the cars are connected cellularly into the cloud so that, you can on your cell phone start them remotely. You can affect charging for electric vehicles. There’s these networks of two and 300 CPUs in the vehicle now connected through the internet into cloud systems. And of course, anything connected through the internet can be attacked through the internet. The cloud systems can be attacked through the internet. And this is the focus of of today’s conversation is what’s happening in these cloud systems and how are they being protected?
Nathaniel Nelson
Great. Understood. And maybe you get to this later in the interview. I don’t know. But the statement that stood out most to me already from Matt was this notion that over 50 percent of attacks that happened in the last year were against like thousands or millions of vehicles at one time.
Now I personally, I don’t know if I’m just not up on the news, have never heard of a cyber attack against a vehicle that wasn’t conducted in a laboratory setting or in an experiment of some kind. So what exactly was Matt referring to there?
Andrew Ginter
Well, that’s a good question. And that in fact is kind of the next question I asked our guests. So why don’t we get back to Matt and have him give us the answer first?
Andrew Ginter
So that’s a lot, hundreds, thousands, millions of vehicles at once. Can you give us an example? What has happened? What are we worried is going to happen?
Matt MacKinnon
Yeah, there’s there’s a variety of things that are happening. And I can give you a couple of real world examples of things that we’ve seen in our in our and our company’s interaction. So a couple of things. One is what what we like to call sort of a VIN-spray attack. And this is kind of interesting. So imagine a bad actor using the their app on their phone to actually try to authenticate to many vehicles at one time. So not just connecting to their car, but connecting to many vehicles at one time.
If you can trick a user into accepting, sure you can connect, now you’ve basically given control over of your vehicle and can remote start or modify your car, steal data off your car. Your attacker doesn’t have to be anywhere near you. It could be the other side of the world, but using the APIs that are connecting your phone like you are supposed to, but using it in a malicious way.
Matt MacKinnon
Similar kinds of examples with using enterprise IT and API security type of techniques to generate tokens to connect to many vehicles at one time, execute remote commands, but also cases that aren’t directly stealing data, things like odometer fraud, to roll back odometers so that your mileage on your car isn’t as high as you think or it really is to be able to get a warranty claim.
Matt MacKinnon
Or stealing stealing power from an EV charging station. So these are all variations on real things that are happening right now today. Some are very bad with people trying to take over. Other things are people trying to steal data, and then other times just people trying to sort of steal service or steal some money.
Andrew Ginter
So can we talk a little bit about who’s doing this? I mean, rolling back the odometer, anybody who wants to cheat someone does this for their vehicle, for one vehicle. There’s little benefit to be had in rolling back the odometer for a million vehicles. So people might want to tamper with their own vehicle. Who’s tampering with other vehicles? Why why would people do this? What’s what’s in it for them?
Matt MacKinnon
Like a lot of things, at the end of the day, a lot of times it just comes down to money. A lot of these attacks are based around stealing data. And that and stealing data can be done by anybody. A lot of people all over the world, bad bad organizations that are, it’s ransomware effectively. It’s just a specific variety of ransomware, people trying to steal data, sell data, collect data from a variety of things. There’s another aspect which we’re not seeing a whole lot of, but it’s definitely a concern, which would be sort of the brand damage kind of thing. Imagine if someone were able to take control over an entire fleet of vehicles, some brand, some might make and model the the impact of the fear that would that would arise if that certain variety, I don’t want to name a specific one, obviously, but would just stop working tomorrow morning, right? That would be a tremendously upsetting to many, many people. So there’s a variety of things there, but at the end of the day, the vast majority of it is really about about stealing data that they can sell and other variations on ransomware trying to get data from these automotive manufacturers.
Andrew Ginter
OK. Now, we’re on the industrial security podcast. I worry about heavy industry. Now, what I don’t know is, how diverse the North American fleet of 18 wheelers, the big heavy trucks are. But I’m wondering, is it credible that let’s say a nation state, Russia or China, someone who is involved in a physical conflict and wants to impair the delivery of goods in either the country they’re fighting with or an allies like us of, let’s say, the Ukraine. Is it credible that that the Russians could break into one or two or three vendors, the people who build the big 18-wheelers and, I don’t know, remotely turn them all off? Like cripple a third of the nation’s 18-wheeler fleet by by GPS coordinate? Is that a credible scenario?
Matt MacKinnon
it is, and there’s there’s sort of two different dimensions that are worth talking about there. One is, as you’re describing, trucking is a huge part of our critical infrastructure and the, the CSIS definition of what is critical infrastructure. And it it ranges from manufacturing, emergency services and food and agriculture and healthcare and public safety. And it’s true that if you’re able to impact transportation, you can impact massively important components of the of the economy and our our defense systems.
So to your specific question, can you can you go after trucks and and and disable a fleet? in When we’re talking about cybersecurity, the big trucks are no different than cars. And frankly, heavy machinery for manufacturing or mining or agriculture, is they’re really all connected in very similar kind of ways.
And we have actually seen real attacks like that. Last year, there was an attack against something that’s called an electronic logging device. It’s not actually the truck itself. It’s actually an IoT device that gets installed in a truck. And that that device is used primarily for logging things like hours of service, speed and location, and used for expense management, fuel and tax records, and things like that.
But they’re also connected directly to the trucks and to the CAN bus of the trucks. So they become an attack factor. And if you can compromise this device, you now have access to the actual operating system of the truck. And this did happen last year. It was pretty pretty massive. There’s over 14 million trucks in the United States that use these things. I don’t know how many of them were actually impacted, but these devices were out for better part of a month. Drivers had to resort to paper and pencil to be able to track and log their hours. And to my knowledge, it didn’t actually impact the safety of those vehicles. Like your worst case scenario that you described again didn’t actually happen. But it gave it gave us a real sort of eye opener of how close you could get if you if you really wanted to.
Nathaniel Nelson
I was waiting for Matt to give some real life examples there and it sounds interesting although despite the severity of the case, I mean, he only mentioned it in one or two sentences. Andrew, I’m wondering if you have any more detail about that story he just referenced or any other similar ones like it.
Andrew Ginter
Well, I mean, waterfall does a threat report. And I remember considering that incident for the threat report. Our criteria are different, though. We count events that had physical consequences. And I remember looking at this event and saying, the logging was impaired, but the physical process, the trucks kept moving. They still delivered goods all over the nation. They weren’t delayed at all. some of the electronics, the the logging mechanism was impaired and the the operators, the drivers of the trucks had to fall back to manual operations, but the trucks kept going.
Andrew Ginter
In the report, what I recall, that transportation is the second biggest industry hit by cyber attacks where there were physical consequences. And most of those incidents were where IT systems were impaired that were essential to, let’s say, dispatching the trucks. So you had to stop the movement of the trucks because you couldn’t figure out where stuff had to go anymore. Shipments were delayed. This is the most common sort of physical consequence of of attacks where there were physical consequences in transportation. But this, the scenario here where the cloud’s involved, this is sort of more reminiscent of a story we talked about a few episodes ago. In the Ukraine, the the battlefront with the Russian invasion moved back and forth. And at one point, the Russian army stole a bunch of John Deere farm equipment, $5 million dollars worth of it from a a small town that they’d taken over, from a John Deere dealership. John Deere was unhappy with this, having their stolen equipment driven 700 kilometers into Russia. And so they reached through the cloud because they have cloud connections to all these vehicles and turned off all of the stolen equipment. So that’s an example, not of a cyber attack, but of a capability that, you know, that a lot of people looked at that incident and said, yay, stick it to the invaders. And then they said, just a minute. What just happened here? What if John Deere gets it into their head to turn off all of the vehicles, all of the tractors in Europe at planting at planting time? What if the Russians get it into their head to break into the John Deere cloud and do that? So this is kind of the scenario that we worry about. But in the the upstream threat report, most of the incidents I saw had to do with affecting thousands or millions of vehicles, had to do with theft of information from those vehicles and holding it for ransom.
Andrew Ginter
So that all makes sense. Now, one of the reasons I asked you on as a guest is because you folks in upstream have stuff that I’ve never heard of to address this problem. So, having defined the problem as, cloud systems can reach into cars and, there on the Internet, they can be compromised. Can you talk about your solution? What do you guys do and and how does that work?
Matt MacKinnon
Yeah. so if i were to to make For those of your listeners that are at enterprise IT or you’re familiar with enterprise security, maybe I’ll make an analogy and then I can dive into the details. The analogy if you understand sort of endpoint security or those kind of network security, you’re familiar with the term of an XDR platform, then you also need a Security Operations Center to manage that and you probably want some threat intelligence to support that. That’s effectively what we’ve developed for mobile devices, cars and trucks and tractors and other ones.
The three components there really are that XDR platform. And what does that mean? That means we collect data from the vehicle itself, from the telematics cloud, from the APIs that are calling in and out of it. And we stitch that all together in the cloud in what amounts to a digital twin of a vehicle. So for every vehicle we monitor, and we monitor over 25 million vehicles today, we’ve got a digital twin of exactly what it is, where it’s going, what it’s doing, how fast it’s going, everything from oil pressure to geolocation to what was the last remote command that came to it from some some API and in in the in the cloud. That gives us the ability to look for anomalies, look for patterns of bad behavior, to identify something like, hey, why did a remote start of that vehicle come from a country that the vehicle isn’t in?
Or little things like that, that seem very simple on the surface, but are very complex to see unless you have the breadth of data that we do. So that’s one piece. That’s the technology piece. But yeah you then need someone to actually operate this thing, right? So a Security Operation Center, or we’ve coined the term the Vehicle SOC or the V-SOC.
Matt MacKinnon
A lot of operators don’t really have this capability or the skill set themselves. So we offer that as a service on top of our platform. If you want, sometimes people would do it themselves. Sometimes people bring in an MSSP to do it. The last component of the solution, though, of course, is threat intelligence. And there’s lots of vendors out there, lots of providers that will do threat intelligence for classic enterprise things and some OT things. But what we do there is very, very specific to the automotive industry of every engine control unit and software version and hardware version and yeah there’s a cars are aggregations of many, many components. So we take that whole software bill of materials, hardware bill of materials, and we actually have a team that goes and does research and on the deep web, the dark web, interacts with the bad guys and figures out what they’re up to. And so when you put that all together, the XDR like monitoring the SOC service to actually operate the platform and then the threat intelligence of what are the bad guys really doing and what are they working on, you end up with this really complete end-to-end solution for being able to determine and monitor and make sure that vehicles and these devices are are actually secure.
Andrew Ginter
So you just described a detective capability, detection, threat intel, sort of deep knowledge or deep understanding of stuff. When there’s an incident, do you also respond and recover? And to prevent incidents, do you have anything that you embed in the vehicles or in the cloud of your protected customers?
Matt MacKinnon
Yeah, so you’re right. Our primary focus is on detection. But all those other sort of respond and recover and protection are equally as important. So you’re right, we are not in-line. We don’t have a way ourselves to natively block something that’s happening. But we do that via integration in the partner ecosystem around us. So it may be that if it is a sort of more modern vehicle that is a software-defined vehicle, then there are ways that we can actually send commands or updates back to a vehicle to tell it to stop a behavior or to integrate with the network itself. So if a device is cellular connected, can we talk to the cellular provider to drop that connection to to do that? So we can’t do it directly, but we can integrate to do it. From a protection, like in the design time phase, we do work with the automotive manufacturers directly themselves, the chip makers, as well as the software providers and everybody from Red Hat to Amazon and Google to Qualcomm and others where we’re involved and can be influential in the way that those systems are designed, using our threat intelligence, using our knowledge of what bad actors are doing to help make sure that there is a secure development process and that these these devices have the right level of onboard protection in place.
Andrew Ginter
And you folks have been doing this for a while. You have customers, the big automobile makers all over the world. Can you talk about your customers experience using this technology? What have you been finding? What’s of value to them?
Matt MacKinnon
It’s very interesting to see what people can use the platform for. We do see a lot of cyber attacks, and we talked about the VIN-spray and some of the API examples before. But the the platform we have, the visibility and vulnerability that we provide definitely lends itself to a bunch of other things. We’re seeing customers use the platform for identifying theft, stolen vehicles, and seeing vehicles being in places they shouldn’t be.
We’re seeing fleet operators use the data that we have to be able to monitor where fleets are or the vehicles being used appropriately. Everything from fast accelerations and breaking hard to other types of usage and mileage for fleet management. The other use case that’s emerging to be more common is related to electronic vehicles and the use of their batteries.
And there’s a lot of new behaviors people need to learn about properly but managing a battery. How do you charge it? When do you charge it? Things like that. And we can provide some really interesting insights to those kind of use cases. So customer satisfaction kind of things as well there. So it is one of the sort of fascinating and fun things about the the company and the product and the technology is the useages uses of the technology beyond just traditional cybersecurity.
Andrew Ginter
Nate, let me jump in here. The reason I asked that that question of Matt is that he’s got basically a detective, intrusion detection, attack detection technology here. And what I’ve observed is that almost whenever we deploy a detective technology into an OT system, we get operational insights as well as security insights. so I remember 20 years ago when I was deploying intrusion detection systems, the the first intrusion detection systems that went into industrial networks, the engineers at the site would be looking over our people’s shoulders while we were tuning the system, tuning out false alarms and figuring out the the the right way to to report on these systems. And they’d look over our shoulders and say, what’s that? That’s a lot of traffic between a a the engineering workstation and a particular PLC sucking up 80% of the bandwidth of the the network going to that you family of PLCs. What is that? And we dig into it. And well, a test had left had been left running on the on the engineering workstation that should have been turned off. This is why the whole system was a little bit sluggish, not slow enough that anyone raised an alarm about it, but once you lift the lid on these OT systems and you see what’s inside, often there’s operational benefits.
I mean, Matt talked about electric vehicles. Batteries are a huge part of electric vehicles. And these batteries, they’re chemical systems. If you deep discharge them or don’t deep discharge them enough or charge them sub-optimally, battery life is reduced. The lifetime of the battery, years of battery life, the range you get on the battery. And so, the sense I had is that before, the upstream security technology went in, fleet vehicle owners and electric vehicle vendors might not have had the data. They didn’t have the instrumentation to figure out, to gather all this data. well Upstream gathered all the data to figure out if there was an attack in progress, looked at the data and said, nope, there’s no attack in progress, and then go back to the vendors and say, by the way, we have all this data. Would you like to use it to change the design or improve the design or optimize the design of your electric vehicles so your batteries last longer? Yes, please.
So A lesson here is that there’s often secondary benefits to deploying detective security measures. You get insights by looking at data that you just didn’t have before.
Andrew Ginter
So this is all good. What I worry about as someone involved in industrial cybersecurity, heavy industry, mines, high speed passenger trains, I always worry about safety.
We’ve talked about sort of credible threats to safety sort of as as future concerns. Can you talk about what’s happening there? How how worried should I be about the the safety of my cloud connected vehicle?
Matt MacKinnon
It’s a really important topic. I think the good news is from your as an individual consumer, should you be worried about your connected vehicle from a safety perspective? Probably not. I certainly don’t worry about know driving my car every day. But I think and on a grander scale, safety really is important. Right. The fact that we’re talking about these software in vehicles, the connection between software and the physical world, you’ve got vehicles, cars, trucks, tractors, these things are thousands of pounds, they move at very high speeds. The implication of a cyber incident to safety is pretty dramatic. And fortunately, we’re not seeing that a whole lot, but it is possible and certainly could happen.
And so the idea that someone might impact a bunch of vehicles to cause accidents real. That absolutely could happen. We have seen, not quite safety, but we’ve seen attacks that were designed to cause congestion and gridlock by sort of car services all being called into one location and causing gridlock and that causes a lot of people start to panic when there’s gridlock. And so there’s variations on safety. But the other related concept that I think is also really important is actually I sort of borrow it from the military world. And that is the concept of readiness. And it applies to almost any industry, really. And that is your vehicle ready. And today a lot of people think about vehicles and readiness. They think about, is there gas in the tank? Did you change the oil? And is there air in the tires?
Well now that these vehicles are also software defined or have software connectivity, readiness includes is it cyber secure? And has someone impacted it from a cybersecurity perspective? And so it’s not a concept that I hear a lot of talk about today, but I do think it’s something we’re going to see more and more, especially in industries that rely on the vehicles for their business, like delivery and trucking and things like that.
Andrew Ginter
So that makes sense. You are deep into automotive cybersecurity. We’ve covered in this podcast a bit of what’s happening in the vehicle with you folks, a bit of what’s happening in the cloud. What’s the future hold? What is the future of of automation in vehicles large and small?
Matt MacKinnon
Yeah, what we’re seeing for sure is what is known in the industry as the software-defined vehicle, where really the cars and trucks and tractors and all these devices become computers first and vehicles second, almost. And so that increases the attack surface. I mean, the the power of these vehicles is pretty amazing in what they can do. And we’ve all been watching the future of autonomous driving. But that also applies to connected agriculture, autonomous agriculture, robotics in all sorts of ways. Right, so we’re seeing more and more of these vehicles or or mobile devices become connected and become software defined.
And that has amazing business benefits and and productivity benefits that we’re all going to benefit from. But it does increase the attack surface and just make these things much more complicated and much more targeted and secure. So it is an area that is rapidly evolving. we’d We’d be remiss to talk about this without throwing in the implications of Gen AI and how then the data that these things are going to generate and how that’s going to both make the bad guys better and make us better at protecting. But yeah, the the software-defined vehicle, the increased volume of software in vehicles is really the future of the industry, but then the impacts to cybersecurity are clear.
Andrew Ginter
Software-defined vehicles. That’s a scary thought for someone like me who’s focused on the worst that can possibly happen. But if we have people working on the problem, I’m confident we can work something out that’s going to keep us all safe. Thank you for bringing these insights and these worries to the podcast. Before I let you go, can I ask you, can you sum up for our listeners, what are what are the key takeaways here?
Matt MacKinnon
Yeah, thanks, Andrew. I would start by reiterating what you just said, which is, the good news is for the average consumer, the average driver, it’s just not something you have to spend that much time worried about. The manufacturers are taking it seriously. There’s, software vendors like upstream that are taking it seriously. We’re working on it. It does happen, but it’s not something everybody needs to – it’s like don’t stop driving. The next thing though is to also be aware that this isn’t just about cars, right? There are cars and trucks. I have alluded to agriculture and tractors but this is continuing to get bigger and bigger the the notion of software-defined anything and software to-defined vehicles of all varieties is is growing, not not slowing down.
As we get into autonomous vehicles, that’s going to make it even more and more complex. Don’t worry about it too much, but it is getting bigger at the same time. The last thing is, this is what we do at Upstream. The company was formed for this. It’s what we do. We take it seriously. We also care very much about sort of giving back and contributing. And that’s why we do the annual report and the research that we do that we publish, host webinars, most of which is information sharing and thought leadership and not trying to sell stuff. So please check us out and take a look at that report. It is free and anybody can take a look at it and we’re already starting to work on next year’s now.
Nathaniel Nelson
So, Andrew, cars are a microcosm for cybersecurity at large.
Andrew Ginter
Indeed, and the cloud is coming. The cloud is coming, and it’s coming to many industries. In my experience, manufacturing, all kinds of manufacturing, is using cloud systems quite intensively. More sort of conventional, critical infrastructure, water systems, power plants are using cloud systems somewhat and increasingly, and it looks like the cloud has arrived for automobiles and other kinds of moving equipment and is is being used fairly intensively. And all of those uses, I think, are going to increase. This is the future. And of course, what we have then is, lots more software involved, lots of opportunity to attack that software.
Attacks are targeting cloud systems and there can be physical consequences. So I think it’s a big new field. It’s just going to become more important as the years go by and is, I guess, something more, something new to worry about in, in the field of industrial cybersecurity.
Nathaniel Nelson
Well with that, thank you to Matt McKinnon for his interview with you. And Andrew, as always, thank you for speaking with me.
Andrew Ginter
It’s always a pleasure Nate, thank you.
Nathaniel Nelson
This has been the Industrial Security Podcast from Waterfall. Thanks to everyone out there listening.
Trending posts
The 2024 Threat Report: Prioritizing Cyber Security Spending
How Likely Is That To Kill Anyone?
Hitting Tens of Thousands of Vehicles At Once | Episode 131
Stay up to date
Subscribe to our blog and receive insights straight to your inbox