---

Motor freight transportation’s key role in the global supply chain makes it an attractive target for cyberattacks.  As computer and cyber-based attacks on the trucking and transportation industry increase, ransomware is a particular area of concern.  Ransomware attacks occur when hackers digitally break into a company’s IT infrastructure and encrypt or lock up selected files or the entire system. They then threaten to steal, delete or disseminate the company’s data unless they receive a ransom. Several recent high-profile ransomware cases against the transportation industry and other critical infrastructure components have raised the awareness level and internal prioritization of cyber security preparedness by fleet operators.

At the same time, the complexity of operations and physical infrastructure inherent in fleet management, a universe of connected devices with a broad attack surface, means partners from across the ecosystem need to focus on collaboration and establish common cyber-security standards.  With improved connectivity in the trucking industry, the industry has experienced much growth. Today’s average truck is connected to a lot of devices, including GPS, Electronic Logging Devices (ELDs), and mobile apps which helps generate data needed for shipping companies to run smarter and more efficiently.

Further complicating the picture are sets of regulations that vary on a state-by-state basis, to say nothing of the challenge of finding common standards and regulatory frameworks for shipping networks that stretch across countries and continents.  Everything is going to be driven by data, partners across the ecosystem, from automakers to telematics providers to fleet managers and operators, must ensure they can prevent unauthorized acquisition or manipulation of that data, which can bring down a connected fleet.

Cybersecurity and IT professionals say it is a well-known but unfortunate fact that a large proportion of companies do not put in place adequate strategies to prevent cyberattacks, and they only take the risk seriously if they fall victim to a ransomware attack.

Check out this helpful tool, provided by the FCC, for small businesses to create customized cyber security planning guides – Cyber Security Planning Guide

Ten Tips to Protect Your Company from Hackers –

1.  Conduct a Cyberattack Assessment – There are many assessments available that you can use as s framework to evaluate the vulnerabilities in your organization.  Once you have a better idea of where your strengths and weaknesses lie, you can take the next steps to get better. You can do it internally or hire an outside party to help.  It’s a good idea to do a new assessment once a year.
2. Conduct a Penetration Test – This involves an outside party, a “white hat hacker”, to test and probe your system looking for vulnerabilities.  This is a separate assessment from the self-assessment.  Repeat every year or two.
3. Prioritize the Risks – Apply a simple risk management framework for cyberattacks. On one axis, plot the weaknesses you uncover based on the likelihood of an attack.  On the other axis, plot them based on the significance of their impact.  The items in the upper-right-hand quadrant that are both most likely and can do the most damage are the ones you want to address first.  You only have a finite number of resources so identify the most critical things. 
4. Apply Software Patches – Software patches are something that can prevent viruses, but only if you do it consistently.  Also, talk to your suppliers because they are regularly coming up with fixes for weaknesses they find in their offerings, and you need to come up with operations that install them consistently.
5. Consider Insurance – Purchase a cyber insurance plan. This insurance mitigates the adverse effects brought by cyberattacks and data breaches, covers the cost of recovery, and helps your organization cope with lawsuits.  Companies will generally require you to put a robust cyber security program in place as part of the deal. 
6. Create an Incident Response Plan – Don’t wait until the last minute to create your response plan.  Everyone — the board of directors, company executives, managers, and team members — must know their roles and responsibilities and work out any potential problems with their response before a live cyberattack puts immense stress on the organization. If you become a victim of a cyberattack, you want to have in place –
   • Who is in charge?
   • Who gets notified?
   • Who is the response team?
   • Who is your forensics team?
   • Who is your FBI or DHS contact?
   • Will you pay the ransom?
7. Train Employees – Make sure all employees know how to generate strong passwords and to recognize phishing emails. The key aspects of a strong password are length (the longer the better), a mix of letters (upper and lower case), numbers, symbols, no ties to your personal information, and no dictionary words.  Your employees need to know what dangers are out there and how to recognize them. Invest the time now, and you won’t need to worry about responding to an expensive data breach down the road.
8. Use Comprehensive Antivirus and Malware Programs – Use these programs for all software and operating systems. Make sure to also look into setting up an office policy for staff using their own devices on premises and internal or shared networks. What gets infected at home doesn’t always stay at home.
9. Create Regular Backups – Always create regular backups for your software or use a cloud-based system. Backing up your entire data infrastructure – all devices, servers, and cloud platforms – is a critical part of ensuring business continuity, reducing your operational costs, and instilling trust in your customers.
10.  Review Your IT Department and Update as Necessary – The key is to be proactive so that you are a step ahead of these hackers. It is the only way to beat them. Companies who conduct fire drills and table top exercises report that they are both better prepared for a cyber crisis and more cohesive as a team in the face of an emergency.

Check out this helpful manual for some additional information on protecting your company from cyberattacks – “What to do Before and After a Cybersecurity Breach?”  

There has also been an uptick in phishing attempts where people receive deceitful messages via email and text that are meant as clickbait. Keep a watchful eye for such attempts, as hackers use these tactics to gather information. More recently, there has been an increase in COVID-19 hacking attempts that prey on fear and greed.  Cybercriminals attempt to obtain business’ data by hacking directly into the system through IT deficiencies and by targeting employees.  Fleet managers should train employees on how to protect themselves and the company from a breach.

On the road, the best way for commercial drivers to protect data is to use strong passwords and not respond to or click on suspicious links in text messages and emails. The problem for both drivers and back-office staff are there are so many passwords to remember.  Using a password manager to securely organize and remember passwords is a good idea. Drivers should always use a virtual private network (VPN) when relying on public Wi-Fi and power down equipment every night unless it absolutely needs to run for 24 hours to avoid unwanted or unauthorized access to files and equipment.

When it comes to all the information coming off telematics devices and electronic logging devices (ELDs) in trucks, fleet managers and drivers should note any strange updates or activity. Taking more precautions, like limiting outsiders’ access to company computers, is especially important.  Go overboard in securing freight and in securing the information of what you are hauling – especially when it comes to sensitive materials, volatile chemicals, or defense-related loads.

What are Some Potential Indicators that Your ELD May be Compromised?

• Increase in nonreproducible equipment performance issues.
• Increase in nonreproducible maintenance issues.
• Increase in traffic on vehicle’s internal network.
• Unexpected incoming remote connections on the ELD networking log.
• Unusual traffic or unusual file sharing on a company’s computer network.

The Federal Motor Carrier Safety Administration released a set of cybersecurity best practices for ELD solutions in “Cybersecurity Best Practices for Integration/Retrofit of Telematics and Aftermarket Electronic Systems” [FMCSA-RRT-19-013]. The best practices provide guidance regarding considerations for trucking companies when acquiring new devices and what suppliers can expect from customer acceptance testing of these requirements.

Not all hackers are trying to steal information or data. Some just want to cause confusion in the industry. The bottom line is education and awareness are critically important in the fight against cybercriminal activity and preventing security breaches. Hopefully these helpful tips can assist in mitigating the risk from security incidents.

Sources:

“Trucking Remains a Top Target for Cyberattacks”, FleetOwner, Cristina Commendatore, May 12, 2020.

“Fleets Top Target for Cyberattacks”, Advanced Fleet Management Consulting.

“The Rising Threat of Ransomware:  How Trucking Can Fend Off Cyberattacks”, Transport Topics, Katie Pyzyk, Nov. 30, 2020.