Electronic logging device data is still at risk of being hacked, as told in a recent cautionary notice released by the Federal Bureau of Investigation.
In the warning, the FBI said cyber criminals can obtain business information through vulnerabilities within ELDs, although hackers have not yet found an easy way to break into that type of data.
“Although the ELD mandate seeks to provide safety and efficiency benefits, it does not contain cybersecurity requirements for manufacturers or suppliers of ELDs, and there is no requirement for third-party validation or testing prior to the ELD self-certification process,” said the FBI last month in its Private Industry Notification.
The notification had no mention of any specific recent attempts to hack into and ELD data.
“Industry and academic research into a selection of self-certified ELDs found the sample of devices did little to nothing to follow cybersecurity best practices and were vulnerable to compromise,” said the warning. “The sample included ELDs that could be purchased off the shelf at superstores and ELDs supplied by well-known companies.”
American Trucking Association’s Fleet CyWatch program also released information aligning with this cautionary notice. The program provides ATA members with internet crime and cyber attack information regarding the trucking industry.
Ross Froat, ATA’s director of technology and engineering policy, said these vulnerabilities have, thus far, only been noticed due to current testing and research efforts.
“There have not been any cyber crime reports of trucks or their technology applications, especially by way of an ELD,” he explained. “The FBI notification is for informational awareness from their industry activities.”
The FBI did iterate this in its warning, saying that the notice was “in furtherance of public-private partnerships.”
For this purpose, “the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations,” said the agency. “This data is provided in order to help systems administrators guard against the actions of persistent cyber actors.”
Trucking companies utilizing ELDs should, according to the notice, reduce their risk for any cyber attack by following ELD safety guidelines. “This includes asking the ELD’s supplier specific questions, some of which are identified in this [notification],” said the warning.
As of mid-December, the Federal Motor Carrier Safety Administration has mandated the use of ELDs in commercial trucks, so that driver hours can be logged electronically.
Although some studies show that ELDS are easy targets for cyber attacks, this is more likely to be the case on less-secure ELDs, especially those that rely on older technology.
“It’s important to know industry-accepted ELDs are secure,” said Froat. “ELDs’ primary role is to record hours of service and have mandated cybersecurity protocols. They just need to follow these protocols and enhance themselves with industry-recognized best practices.”
According to Froat, this warning should not be surprising to any members of ATA. “We’re happy that the FBI private industry notification was released, but this activity shouldn’t be new to our members. Through ATA Fleet CyWatch and the Technology & Maintenance Council’s cybersecurity task forces and conferences, ATA has been very engaged in improving the industry’s cybersecurity posture.”
The FBI’s notice explained that a sample of ELDs were not adhering to the safety protocol that is in a trucking company’s best interest. ELDs send inspection reports directly to FMCSA and must connect to a vehicle’s electronic control module to track location, data, time, hours of operation, vehicle miles, user identification, vehicle identification, and motor carrier identification information.
If an ELD has more advanced telematics functions that are connected to shipment tracking and dispatching, a successful cyber attacker could easily navigate the company’s overarching network after gaining access, said the notice.
“Cyber criminals interested in stealing data such as personal information, business and financial records, location history and vehicle tracking, or other proprietary data such as lists of customers and cargo can use vulnerabilities in ELDs as a way in to access trucking companies’ enterprise networks and databases,” it continued.
After this access, a hacker could potentially install malware and prevent the ELD and the vehicle from operating properly until a ransom is paid. Signs of this activity can include unusual file sharing and unusual traffic on a company’s network, which can be detected by creating a network baseline, implementing a method of monitoring network traffic, and restricting user and device access to only what is necessary for a specific job.