Cybersecurity & Formula 1, a role model

Many technologies from our vehicles come from Formula 1

Formula 1 and, in general, the owners’ racing teams are the technical playground for engineers to test new technologies at the limit. Technologies such as disc brakes, electronic fuel injection, turbochargers and shift paddles come from racing. Hybrid engines also have their origins in Formula 1, as does lightweight construction in vehicles using carbon. Many electronic functions for communication and data exchange were also initially developed for racing.

In addition, Formula 1 is a very important marketing factor for vehicle manufacturers. Teams like Red Bull also benefit from the positive branding. These factors are important reasons why safety in the teams must be developed to the maximum, just like the technology in the vehicles. To this end, the teams have brought partners on board whose collaboration goes far beyond sponsorship.

Mercedes-AMG Petronas team protects itself with CrowdStrike, McLaren with Darktrace, Williams works with Acronis

With Formula 1 races taking place all over the globe, IT infrastructure and cybersecurity must travel with them. As a result, many teams rely on cloud solutions because during a race weekend, many employees are not just sitting at the track, but are spread across multiple countries working together on a large amount of data.

Many Formula 1 teams have companies from the CyberSecurity sector as partners. This is not just about financial support, as with other sponsors. For example, Mercedes-AMG protects itself from attacks with CrowdStrike, McLaren’s partner is Darktrace, and Williams works with Acronis.

The companies’ logos are emblazoned on the Formula 1 race cars because they are an important team member. Toto Wolf, head of the Mercedes-AMG Petronas team says: « To win, we need complete confidence in the information and infrastructure that drive our team. I am delighted to have CrowdStrike as our cybersecurity provider and partner. »

Mercedes-AMG is a very well-known brand, and in an internationally popular sport, it is naturally a coveted target for attackers. This is also true for McLaren, Williams and of course all other teams as well. Here, it must be ensured that the security in the network is always up to date and can react quickly. Like other companies, Formula 1 teams need external support when it comes to security. It is hardly possible to respond as effectively as necessary with internal resources and have the right answers to new threats.

Here, too, specialists are often the right way to ensure the security of sensitive data. Of course, this does not only apply to Formula 1. For example, security specialists can also use their experience from other networks to proactively combat new attacks. Major providers here are aware of attacks around the globe and investigate them around the clock. Teams such as Mercedes-AMG Petronas, Williams and McLaren are taking advantage of this.

Formula 1 itself also has partners for cybersecurity

In addition to protecting the teams in Formula 1, the security of Formula 1 itself as the organizer naturally also plays an important role. Here, too, a cybersecurity partner has been acquired that not only provides money, but also contributes its technology and experience to ensure Formula 1’s IT security. Herjavec Group is known as a provider of managed cyber security services. The company protects companies as well as Formula 1 from cyber threats worldwide. The partnership with Herjavec Group covers the central area of Formula 1 and therefore also the teams. This is not a strategic partnership, but a high-level technological collaboration.

Formula 1 teams are attacked using the same ways as other businesses

Most of the cyber threats that a Formula 1 team faces are also familiar to organizations around the world. These include, for example, phishing attacks or the constant threat of ransomware.

Cyber criminals use the hectic pace of business and the huge number of emails sent per day as a gateway for cyber attacks.

As teams move internationally, simple IP blocking is not enough; intelligent systems must be in place to respond quickly and correctly. « There could be 250,000 emails over a race week and during a race weekend the number of malicious ones jumps up to about 3.5%, which is a lot – 3.5% of your inbound email has got something wrong with it, that needs to be acted on by the machine, » says Dave Palmer, chief product officer at Darktrace. If even a single malicious phishing email is not detected and forwarded, the consequences can be devastating – not only can it affect race schedules, but a phishing email can be used as a gateway to a broader attack on the network.

Add to that the threat of specialized online attackers interested in the secrets of a high-performance racing team. In addition to the general IT infrastructure, Formula 1 obviously has an extremely large number of PCs, notebooks, smartphones and tablets, as well as a host of other endpoints on which sensitive data is processed. Protecting endpoints is elementary and, in many cases, the job of the cybersecurity partner. Cybersecurity applications such as firewalls, network segmentation, on-demand data access and multi-factor authentication help ensure the team’s security.

In Formula 1, it’s not possible to completely seal off endpoints. That’s because the endpoints are used by engineers and other employees whose decisions are based on the data coming into the endpoints. Here, it is often a matter of hundredths of a second, which can be decisive for the course of the race. Decisions have to be made very quickly without being slowed down by security solutions.

This is, of course, a major challenge for security in the network, spread across several countries. The clear requirement for all Formal 1 teams is that the endpoints must be as secure as possible and at the same time as fast as possible, so as not to endanger employees and their work, but also not to slow them down. This is elementary for the success of the team.

That’s why cybersecurity is important in Formula 1 and why other companies benefit from it

Virtually all components in Formula 1 cars are measured and the data analysed. Every pressure, every temperature and values for acceleration, engine power and much more are under constant monitoring. To this end, there are sometimes thousands of data channels between the vehicle and the team’s IT infrastructure, as well as between the various locations of the racing team. The vehicles are equipped with dozens or even hundreds of sensors that constantly send very sensitive data. Several terabytes of data accumulate here during a race weekend alone. The data must be transmitted reliably and very securely with low latency, often in real time, and in huge quantities.

This shows that network components and the security infrastructure in Formula 1 teams have to push the limits of what is technically possible. This is an important factor for other companies as well, where data is no less important. Cybersecurity companies can test their products at the limits in Formula 1 just as teams can test their engines and other technologies. This also benefits customers of cybersecurity companies, as the products perform well in extreme environments. « As a team we generate, process and analyse significant amounts of data, very quickly – we must ensure our information systems are an enabler for performance, not a blocker, but conversely we also need to ensure they are secure » explains Michael Taylor, IT Director at the Mercedes-AMG Petronas Formula One Team.

If there are security incidents, the security service provider must react very quickly and also block attacks that are still unknown. But the tasks of a cybersecurity partner are more diverse. The company also serves as a consultant, watchdog and emergency response team. Security is a holistic project that should also be managed holistically.

Cybersecurity report is an important source of information before every race

Producing an informational report before each race is standard practice for the Formula 1 teams. This document outlines the potential threats at each event and what is being done proactively to neutralize them. It also includes specific recommendations for the team, such as which devices may not be safe or allowed to be taken to the venue.

Devices that should be turned off at certain times are also captured in the report. The key word in this approach is « transparency. » Those responsible in the team and also the team members know where dangers lurk and how they can be reduced. If an attack does occur, the cybersecurity specialist can proactively intervene based on his experience. Additionally, a key element in protecting the network from cyberattacks is regular cybersecurity training for employees, including managers.

More security does not mean less performance

Often, security technologies have a reputation for being complex and slowing systems down. As a result, many companies forgot network security in favour of performance. At this point, it is also important in Formula 1 that the usability of the security solution does not overwhelm users, team members and IT specialists. In addition, the software used must not overload the protected components. This also plays an important role in Formula 1. The teams often go beyond the limits of technology in their work to gain advantages in the next race.

Cybersecurity must be able to keep up here and not slow down this development. This means that the technology used must offer maximum security and maximum performance at the same time. Other companies outside of Formula 1 also benefit from this development. In Formula 1, prevention, detection and response, IT hygiene, proactive threat hunting, and a 24/7 support team play an important role. This is also generally true for many other companies.