As technology moves forward within the trucking industry, unfortunately, so do cyberattacks.
“Cybersecurity is always a hot-button item,” said American Trucking Associations’ director of Technology and Engineering Policy, Ross Froat. “We’re very adamant about cybersecurity and how we can help our members.”
At last year’s trucking conference, one major discussion topic was ransomware attacks, as trucking companies had notably become a major target for hackers.
Vice President of McLeod Software special projects, Ken Craig, referenced Forbes’ data at the conference, which showed that the transportation industry ranked fifth on the magazine’s list of most cyber-attacked industries.
Omnitracs‘ chief information security officer Sharon Reyonolds also weighed in, saying that often, smaller trucking companies are easy targets for cyber attacks because they tend to have less sophisticated protection software than larger companies. Those bigger companies are still targets when they unintentionally pay hackers high sums to disable their computer systems.
Currently, modern trucks may have upwards of a dozen kinds of computer technology onboard–which allow fleets to improve safety, communication, and shipment tracking.
“There is a lot of communication going on onboard the truck at all times,” said Froat.” How fleets have been adapting to that has been very beneficial to uptime, more freight deliveries, and assurance to shippers and customers”
McLeod’s vice president of marketing and enterprise systems, Mark Cubine, wants carriers to get ahead of malware risks and reiterates that carriers of all sizes should take precautions.
“You have to have knowledge, awareness and education so people don’t take the bait,” he said, in reference to phishing attempts. What is most important, he said, is that “they don’t click on things they shouldn’t or introduce things they shouldn’t–[it’s] just being knowledgeable.”
Because cyberattack threat methods continue to change and adapt, Cubine said companies should also have software backups in place, in addition to recovery systems and continuous malware protections.
“That’s step one,” he explained. The corporate approach, he said, is strengthening passwords and updatating software to prevent hacking from all directions. “Trucking companies often integrate software from various third-party vendors into their systems. That includes everything from electronic logging devices and transportation management systems. It is important to understand where these services are coming from.”
McLeod’s Craig explained at the October panel that thinking ahead is the best way to avoid catastrophic problems. “By the time you get the notice,” he said of computer protection upgrade needs, “you’re in deep yogurt.”
Joseph Saunders, CEO of RunSafe Security Inc., explained that truckers should protect employees’ and customers’ personal information first, and then begin educating their teams about phishing scam threats.
He also said motor carriers should take annual assessments of their systems, apply software patches, and put in place incident response plans.
Trucks use Controller Area Network Systems to communicate from trucks back to company offices, and some individual components relay data on their own. However, the more technology is present, the higher the risk of hacking is for the company.
“Every step that the industry takes in advancing technologies, there’s a parallel step in terms of vulnerabilities and security, and the scariest things that could happen–like terrorist attacks with truck ramming, and things like that,” said Froat. “That’s partially the reason why we developed Fleet CyWatch.”
Fleet CyWatch is a program that gives fleets cyber threat information on risks that could impact their work by monitoring carriers along with private and federal groups, which also work to report internet crimes.
Geotab’s vice president of commercial vehicle solutions, Scott Sutarik, said data security is one of the biggest threats at hand. “It is important that companies understand their ELD and TMS provider’s security policies to ensure that they are not leaving themselves vulnerable by investing in technology that is not secure.”
Froat added that the National Institute of Standards and Technology’s cybersecurity guidelines should be seriously taken into consideration before trucking companies bring in new software.
“Be proactive in the decision to add whatever to [your] network,” he said. “Because, once one of those systems is hacked, your system is hacked.”