Networked solutions are playing an increasingly important role in the supply chain and transport because they bring efficiency advantages and reduce costs in the strong competition in the transport industry. “But networking also increases the risks of cyber-attacks. At the same time, smaller companies in particular are still quite hesitant to invest in protecting their vehicle fleets and businesses from attacks,” explains Mathias Dehm, who heads the Research and Processes for Product Security division at Continental. For the study, the infas Institute for Applied Social Science interviewed experts in associations, public authorities, freight forwarding companies and technology service providers.
A further result of the study: Despite increasing reports of cyber-attacks on vehicles, incuding commercial ones, many user companies feel relatively safe from such attacks. Around two thirds of those surveyed feel very well protected against such attacks, while only half of the companies have taken defensive measures for an attack scenario on logistics or fleet management systems. Three quarters are not planning any major investments in the next six to twelve months. However, this relatively high sense of security does not necessarily reflect the actual situation. “Although fleets have not been in the limelight of the discussion about cybercrime so far, they are worthwhile targets for attacks because of their cargo, such as hazardous goods, the size of their fleets and their economic importance. So there are definitely potential risks for logistics companies, for example when criminal hackers shut down fleets in order to extort ransom money,” explains Dehm.
Cyber security is of great importance, especially for efficiency-driven road freight transport, because without connectivity efficient work is hardly possible. “To protect the benefits of digitization, which are vital for the commercial vehicle industry in particular, cybersecurity deserves more attention,” says Gilles Mabire, head of the Commercial Vehicles and Services (CVS) business unit at Continental. “It may well be that the value of the good cybersecurity will increase in the future, for example if increasing digitalisation also leads to an increase in the number of attacks on the systems of transport and logistics companies. Then the willingness to invest may also increase,” adds Mabire.
In general, as the survey shows, the rule of thumb applies: The larger the company, the greater the awareness of cybersecurity problems. There is a cybersecurity gap between the (few) big players and a large number of smaller companies. In fact, according to statistics, the industry is predominantly characterised by small and medium-sized companies. In addition to legal regulations, it will be important to provide companies, especially smaller ones, with affordable solutions. “Cyber security must be affordable for everyone,” says Ido Ben Ami, who heads research and development at Argus Cyber Security. “That’s why there are scalable cyber security solutions that allow smaller fleets to expand their cyber security capabilities as they grow. For example, a Security Operations Centre, which allows fleet managers to monitor, detect and respond to attacks, can be tailored to the specific needs and resources of each organisation.
Over the past three years, work has been carried out on a new regulation to establish uniform cyber security standards for vehicles. The regulation, prepared by Working Party WP.29 of the United Nations Economic Commission for Europe (UN ECE), examines the security requirements during vehicle type approval. In addition to checking whether the security measures used are appropriate, the regulation also audits company processes, among other things. This ensures that cybersecurity is taken into account in the development and industrialisation of components and software. The UN ECE WP.29 regulation will be introduced gradually from mid 2022 and will apply to all newly registered vehicle types in Europe from July 2024 – an important step towards greater vehicle safety. “Cybersecurity will continue to grow in importance with the increasing networking – for example in automated driving and applications around 5G mobile communications – and should therefore always be considered in new application areas,” said Mabire.
More information: https://www.continental-automotive.com/en-gl/Cyber-Security