In 2015, Charlie Miller and Chris Valasek, two researchers, remotely hack into a Jeep Cherokee being driven by Andy Greenberg, a Wired reporter. This was done in an effort to warn the auto industry about potential pitfalls in their software, and encourage legislation regarding automotive cybersecurity. That was not all. Fiat Chrysler, the owner of Jeep, ended up recalling over 1.4 million vehicles and paying $105,000,000 in fines to National Highway Traffic and Safety Administration.
Apart from the damage to Jeeps' brand image, YoavLevy, cofounder and CEO at automotive cybersecurity company Upstream estimates that this stunt caused more than $1 billion in recall losses for the automaker. Upstream, an Israeli company, announced on Tuesday a Series C funding round of $62million that it will use for its cloud-based automotive security to prevent remote hacks.
We monitor every data sent to the vehicle from the automakers cloud. If we do a good job, these messages can be blocked before they reach the car, Levy explained to TechCrunch. We analyze the connected car data as well as telematics data being uploaded from vehicles. This includes data from mobile phones or over-the air updates. We look for anomalies in this data.
The company stated that Upstream plans to use the new funds to expand its offerings for data analytics, predictive analytics, and business intelligence. Levy stated that Upstream finds many anomalies in data it analyses that are not related to cybersecurity. This is an opportunity to create additional applications targeted at OEMs and provide more insights.
However, Upstream may be able to focus on automotive cybersecurity alone, which is expected to grow from $1.9billion in 2020 to $4billion in 2025. This growth is partially due to reinforcement mandates. Cyber vehicle regulations compliance has been issued by the World Forum for Harmonization of Vehicle Regulations, WP 29. It requires that manufacturers selling cars in Europe and Japan to have their vehicles monitored 24/7 by a vehicle security operation center (VSOC). A VSOC is a type of control room that houses analysts who monitor the infrastructure, cloud, and data. It also includes firewalls. Despite not having cybersecurity regulations in the U.S., automakers are still keen to continue producing their products and brand image to avoid the same fate as Chrysler-Fiat.
Upstream also offers VSOC, a cloud-based dashboard and analytics tools. Levy said that the company currently has nearly four million connected vehicles from six OEMs across the United States, Europe, and Japan. Levy expects this number to rise as more connected vehicles are added to the streets.
According to Levy, cars are becoming more connected every year. OEMs are now collecting twice as much data each year. Not only is it the car and cloud, but also the vehicle-to-vehicle network, more advanced modules and computers within the car that do edge computing, ADAS system, computer vision, and level two autonomous, and soon, level three. Given the complexity of connectivity, hackers will likely exploit these bugs to inject their code.
Although it is frightening to think of someone stealing your car and blasting music while it crashes into a wall, Levy claims most hackers don't want violence or your car. They want your data. This is particularly true for fleets. Ransomware attacks are common.
It's Christmas Eve, you're a last-mile delivery service company and suddenly your doors and engines are locked. This is bad for business.
Levy states that cloud-based security is a great solution. Instead of looking into just one car at once, you can see the entire fleet, all connected devices, and any malicious data that may be incoming from the Internet.
While Upstream's path to market is mostly focused on convincing car makers that this technology is needed, Levy believes fleets will be the next big opportunity within the next year.
The company raised $105 million in the latest round since its 2017 founding. Mitsui Sumitomo insurance led the Series C and was joined by I.D.I. Insurance, 57 Stars NextGen Mobility Fund, and La Maison Partners were all part of the Series C. The round also included existing investors Glilot Capital and Salesforce Venture, Volvo Group Venture Capital (Nationwide), Delek US, and other investors.
Levy stated that some of its historical investors are customers. Alliance Ventures (Renault Nissan, Mitsubishi), Volvo Group Venture Capital and Hyundai are the private investors in Upstream. Nationwide Insurance, Salesforce Ventures as well as Nationwide Insurance, Nationwide Insurance, Salesforce Ventures and MSI are also involved.
