Motor vehicle and driver licensing agencies (DMVs) manage a lot of personal information including customers’ address, phone numbers, SSN and certain medical information. In the pre-digital era, this data was accessible only to authorized users through a limited number of channels or access points for execution/delivery of specific DMV services.
As DMVs started becoming more digital (think mobile driver’s license, autonomous vehicles, connected devices etc.), they added new channels and networks (APIs, Mobile Devices, Wi-Fi or cellular networks) for accessing DMV services and customer data. While this connectivity improved efficiencies and customer experience, it also increased data exposure and made DMVs more vulnerable to cyber attacks.
A report from IndustryWeek found that as the world became more digital, the cases of cyber attacks such as ransom ware, phishing and spoofing increased by 250% to 350% between 2018 and 2017. And, the cost of addressing cyber attacks increased by 53%.
Securing data in this digital, connected world becomes extremely complex and challenging for the DMVs, especially in an environment of diminishing resources, point security solutions and a reactive approach to fix vulnerabilities.
DMV’s current security solutions target specific threats and are inadequate to mitigate smart or coordinated attacks. Let’s look at an example.
Customer information is protected under the Driver’s Privacy and Protect Act (DPPA). However, certain third-parties can access driver data after filling up necessary forms. DMVs grant access to the required information to these third-parties through various interfaces. There have been instances where interfaces had not been terminated after the information was accessed. This vulnerability can be exploited by malicious users who can access data they are not supposed to or use that open interface to hack into the system and access other information or disrupt normal operations.
An automated, AI-based, integrated security approach can address such vulnerabilities and make the system smarter and more secure.
An integrated cybersecurity system has an AI layer that sits on top of all the point solutions, ingests alerts and transaction data in real-time, uses machine learning models to identify patterns or scenarios that pose a security risk, and executes necessary actions to address those vulnerabilities. The system incorporates adaptive self-learning from historical and ongoing transactions, data patterns and feedback to continuously and automatically update its models in near real-time. And, present a unified dashboard to assess security posture of the entire landscape through a single screen.
Let’s see how this system will tackle the scenario we outlined above. Whenever data or information is accessed by a third party through a portal under the DPPA act, an AI-based solution can detect who is accessing the data, analyze what data is being accessed and the time gap between last and current access. If the third-party is accessing data that they are not supposed to or if the gap between two requests is large or if some operations are happening through that interface that never happened in the past and not according to the defined rules, the system can immediately flag this to the appropriate team or shut the interface.
Distributed Denial of Service attack is another threat that this system can mitigate effectively. If there’s an unusual traffic for DMV system access from multiple locations/devices or if there is a coordinated attack from compromised interface portals, the system will sense this unprecedented increase in traffic and act quickly to shut down these attacks.
There are multiple other scenarios where this approach would be useful and I’ll be discussing a couple of these at the upcoming AAMVA Region 2 conference. Let’s meet up if you are attending the conference, would love to get your thoughts on this topic. And if you are not attending, feel free to drop a note and let me know what you think about AI-based cyber security for the DMV.