Grafik VicOne
Ling Cheng explains in the current eMove360° Magazine how operators of diverse fleets can benefit from increased customer trust as well as improved efficiency and monetization of their EVs.
At the eMove360° Europe 2025 Conference, October 14–15, 2025, in Munich, the topic of cybersecurity takes center stage with speakers Erik Panke (dSPACE), Dr. Matthias Lenk (Upstream), and Christian Koch (NTT DATA). Attendees include fleet managers, IT experts, and engineers. You can find the full program and tickets at https://www.emove360.com/emove360-europe/.
Ling Cheng, VicOne
Global cargo and passenger transport is undergoing a major transformation as policymakers accelerate the transition to electric vehicles (EVs). In the EU and countries such as the United States and Taiwan, emissions standards are becoming increasingly stringent, and in some cases city buses and government-owned vehicles are to be fully electrified. These policy measures are driving the rapid adoption of EVs worldwide. According to Gartner’s “Market Guide for Commercial Vehicle Fleet Management,” by 2030 there will be 1.8 million battery-electric trucks and 8.5 million battery-electric vans in operation worldwide, up from 490,000 and 2.4 million respectively in 2025.
To keep pace, many fleet operators are investing in big data and AI to optimize operational efficiency. However, according to experts at automotive cybersecurity provider VicOne, it is crucial to also account for the cybersecurity risks that come with increased connectivity and digitalization—because a single gap in cybersecurity can instantly undermine all efforts.
Cybersecurity also drives efficiency: Cybersecurity is not only a foundation for risk management—it is also a decisive factor in the effective and profitable operation of large vehicle fleets. The following sections outline four key risks that illustrate how strongly cybersecurity impacts the performance and reliability of an EV fleet.
Imagine this: The carefully planned routes and schedules of your truck or taxi fleet are disrupted by cyberattackers issuing fake commands, diverting vehicles to incorrect destinations based on misleading instructions. The consequences include higher energy consumption, delayed deliveries, customer complaints, and increased vehicle downtime—all of which impair operational efficiency, utilization, and thus the fleet’s profitability.
This is not hypothetical. In 2022, attackers exploited an API vulnerability in a popular Russian taxi app, sending dozens of vehicles with fake jobs to the same location and causing a traffic jam in Moscow. And in 2024, a software vulnerability in an automaker’s system exposed the real-time location data of 800,000 EVs, potentially enabling cybercriminals to steal cargo or decode delivery routes for competitors. Cybersecurity gaps jeopardize the reliability of the entire fleet ecosystem.
Regulations require fleets to use Electronic Logging Devices (ELDs) to monitor driving data, but these can become targets for cyberattackers. By exploiting vulnerabilities in ELDs or dashcams, malicious actors can inject malware that alters odometer readings, emissions data, or other key metrics. Such manipulated data can flow into compliance reports—creating the risk of fines—and can also distort maintenance intervals, drive up costs, and disrupt workforce scheduling.
Fleet management systems typically flag issues such as inspection failures or driver overtime, supporting both compliance and operational efficiency. But when data is compromised, these safeguards no longer hold. According to VicOne’s findings on threats in the automotive industry, the dark web offers services to tamper with ECU data—cheaply, quickly, and easily accessible to would-be offenders—enabling them to modify control units so they feed false data to ELDs.
Modern fleet management systems often integrate third-party services to streamline operations. Vehicle maintenance, incident reporting, and procurement of consumables can be automatically routed to drivers or maintenance teams, eliminating the need to manually piece information together from disparate systems. While this boosts efficiency, it also increases cybersecurity risk. Every integration point becomes a potential entryway for attackers seeking access to sensitive fleet data.
For example, in late 2022, security researchers discovered an API vulnerability at a network provider whose systems are widely used in North American vehicles. The flaw affected millions of vehicles and allowed attackers to access vehicle data via unauthenticated API endpoints or remotely control functions such as door unlocking and location tracking.
If a fleet relies on similar third-party services, a security gap involving location or routing data could jeopardize cargo security, give competitors insight into operations, and erode competitive advantage.
Vehicles are the lifeblood of a fleet, but a cyberattack can instantaneously remove them from owners’ control, reducing available resources and grinding operations to a halt.
In 2023, reports emerged of CAN-injection techniques that allowed thieves with minimal technical expertise to steal keyless cars—sometimes in as little as 15 seconds. At the Pwn2Own Vancouver 2024 white-hat hacking competition, security researchers exposed cyber vulnerabilities enabling remote control of vehicle functions, and thus vehicle theft without physical access.
If a fleet falls victim to such an attack, the consequences can go far beyond the loss of the vehicle. Replacement and insurance costs may surge, and remaining resources may sit idle due to downtime—severely impacting operating capacity and customer trust.
Cybersecurity from day one: the best long-term investment Over the typical 12–15-year service life of fleet vehicles, the threat landscape evolves rapidly. VicOne’s insights into automotive cyberthreats show a 600% increase in vehicle-related cyberattacks over the past four years, driven by increasingly sophisticated methods.
How can fleets be protected for the long term? Replacing vehicles mid-lifecycle is not a practical option. Cybersecurity should therefore be integrated into fleet strategy from the start—across technology, personnel, and management.
These are the key recommendations to build a solid cybersecurity foundation that supports the long-term reliability and efficiency of an EV fleet.
Improve fleet utilization by:
Proven cybersecurity partners: Prioritize suppliers that demonstrably comply with standards and regulations such as ISO/SAE 21434 and UN R155. These partners should ensure continuous risk management and cyberthreat monitoring throughout the vehicle lifecycle.
Deploying real-time protection: Ensure vehicles are equipped with onboard cybersecurity features such as Intrusion Detection and Prevention Systems (IDS/IPS) to detect and respond to threats in real time.
Enabling OTA updates: Work with providers that offer regular, secure, and user-friendly over-the-air (OTA) patches to quickly remediate vulnerabilities and reduce vehicles’ exposure to new cyberthreats.
Enhance fleet safety by:
Continuous monitoring: Collect real-time data from vehicles, charging stations, and supporting infrastructure to detect anomalies early and proactively mitigate cyberthreats.
Using threat intelligence: Track criminal activity on the dark web and map findings to suppliers’ cyber vulnerabilities to develop actionable defenses.
Staff training: Educate drivers, technicians, and managers on best practices to minimize human error, including recognizing phishing attempts, suspicious commands, and signs of misuse.
Build a secure ecosystem
End-to-end encryption: Apply strong encryption to all vehicle communications, data storage, and APIs to prevent unauthorized access and protect against man-in-the-middle (MITM) attacks.
Institutionalize cybersecurity management: Appoint a dedicated cybersecurity lead or team to oversee regular security reviews, coordinate across departments, and manage incident response plans for rapid recovery and minimal downtime.
Advocate for regulation: Encourage industry associations and government bodies to adopt stricter standards and regulations that mandate robust cybersecurity for EV fleet systems and infrastructure.
Cybersecurity is not just a technical matter—it is the backbone of business continuity, operational performance, and the long-term success of fleet operators. It keeps vehicles running, data trustworthy, and assets protected. By integrating cybersecurity into their EV fleet strategy from the outset, companies position themselves to operate safely, efficiently, and profitably in an increasingly connected and competitive landscape. To achieve this, they should take proactive measures now—rather than waiting until a cyberattack endangers their electric vehicle fleet.
The author, Ling Cheng, is Senior Product Marketing Manager at VicOne.
You can read this and more articles on electric mobility and autonomous driving in the current issue of the eMove360° Magazine in German language. Get the free downloadable PDF or order the print version for only $39.90 (four issues per year) here.
At the eMove360° Europe 2025 Conference, October 14–15, 2025, in Munich, the topic of cybersecurity takes center stage with speakers Erik Panke (dSPACE), Dr. Matthias Lenk (Upstream), and Christian Koch (NTT DATA). Attendees include fleet managers, IT experts, and engineers. You can find the full program and tickets at https://www.emove360.com/emove360-europe/.
You are currently viewing a placeholder content from Google Maps. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from reCAPTCHA to submit the form. Please note that doing so will share data with third-party providers.
More Information
