Technology is constantly evolving. The tools and systems we use nowadays are far more advanced than they were just a decade ago. Unfortunately, this is also true for the tactics cybercriminals use to gain access to company networks and steal data.
The Trucking industry is familiar with this problem. Ransomware attacks and other cyber breaches affecting truck fleets aren’t exactly breaking news. Major data breaches can harm a trucking company’s infrastructure and ruin its reputation.
Trucking Industry Security
Cyberattacks against all types of companies have been increasing in recent years, with trucking being one of the most targeted sectors. And that was before the pandemic. Now things have gotten worse as hackers take advantage of the changes and chaos triggered by the COVID crisis.
Prevent Ransomware and Cyber Attacks in Trucking Industry
Trucking is a very lucrative industry. Trucking companies have access to vast amounts of cash and credit, and they’re accustomed to paying large bills. If you successfully carry out a ransomware assault, you can demand a bigger ransom than you would if you targeted small and midsize businesses that bring in less money.
Plus, IT management and policies are usually lacking in trucking companies. They don’t invest in the latest technology and provide just rudimentary security training to their employees. In short, cybersecurity isn’t exactly a top concern among trucking companies, at least not in the way that driver and road safety are.
However, cybersecurity has become a major concern once back-office operations had to be switched to remote work. With back-office employees working from home, the security measures that came with working in an office are gone. There is a higher risk because employees are logging in from their own router, which isn’t protected by a central IT department.
In this article, we will go over some of the strategies the trucking industry can use to protect itself against cybercriminals.
Cybersecurity Vulnerabilities in the Trucking Industry
In the trucking industry, the attack surface accessible to hackers is ever-expanding and includes:
- CAN bus (Controller Area Network) exploits on vehicles
- Satellite, wireless, cellular, and Bluetooth connectivity
- Networks and platforms that are accessible via the internet
Trucks, laptops, and mobile phones all connect to web services. Furthermore, the trucking industry uses web-based platforms like GoToMeeting or SalesForce, which are also points of connection that can be exploited by cybercriminals. Therefore, when discussing attack surface, you need to consider the entire ecosystem.
Sometimes the point of vulnerability is not related to technology at all but rather human behavior. During penetration testing at a trucking company, the cybersecurity engineer could not get into the company’s systems, so he simply called the company’s primary phone line and searched through the directory until he came across someone whose outgoing voice mail stated that they would be away on vacation for the next two weeks. Then he called the company’s IT department pretending he was that employee, had problems logging in remotely, and needed help getting access.
This is an example of a social engineering tactic that can be very effective.
Conduct an Assessment
There are a variety of assessments that trucking companies can use to find cybersecurity vulnerabilities. Assessments can be performed both internally and by hiring outside help and should be conducted at least once per year.
A Penetration test involves an outside party, known as a white-hat hacker or ethical hacker, testing a company’s systems to find vulnerabilities. The company’s IT department is usually not informed of these assessments, so they won’t be extra vigilant and skew the results. Penetration testing is a separate assessment from internal assessments and can uncover vulnerabilities that were overlooked. This sort of testing should be done once every year or every couple of years.
Before conducting penetration testing, ethical hackers sign non-disclosure agreements. They conduct a series of tests and write a report with their feedback. This feedback can then be passed to the company’s IT department to fix the vulnerabilities that were uncovered.
Cyber insurance is going to be crucial going forward. Just like trucking companies need to get general liability, cargo insurance, bobtail truck insurance, physical damage, and cargo insurance, they will also need cybersecurity insurance.
The companies they work with will expect an in-depth cybersecurity plan including assessments, employees training, and appropriate protocols since cyberattacks are now viewed as an important business risk.
Cybercriminals are primarily interested in gathering information on truck whereabouts in order to steal valuable goods. Note that not all cybercriminals are out to steal data. Some are simply trying to create disruptions, but these disruptions can result in substantial costs to trucking companies and their clients.
As a result, security measures should be put in place even before the driver steps inside the vehicle. Employees should be provided with training on fundamental security problems so that they understand why specific protocols must be followed at all times and what to do if their cargo is stolen.
Trucking companies can implement a straightforward risk management framework. On one axis, they should plot the vulnerabilities they identified based on the likelihood of an attack, and on the other axis, based on the scale of their impact.
The items in the upper-right-hand quadrant that are both the most likely and have the greatest potential for causing the most harm are the ones that need to be addressed first.
Trucking companies only have a finite amount of resources they can invest in security, so it’s essential to identify the most critical vulnerabilities and develop a mitigation plan for them.
Make a Plan for Dealing with Cyberattacks
Knowing what to do in the event of a cyberattack is key. An incident response plan should address the following questions:
- Who is in charge of security?
- Who will get notified?
- Who is on the company’s response team?
- Who will conduct the investigation?
- Will the trucking company pay the ransom?
If cybercriminals uncover one vulnerability, they will typically look for it in multiple systems and exploited it repeatedly. Automated exploits are used in roughly 70% of cyber-attacks. This is a sophisticated underground business model, and our goal is to disrupt its economic incentive.
We can take the military as an example. The drones that the military uses function the same way and use the same software. This means that if one has a vulnerability, the entire fleet of drones will have the same vulnerability. The military realized that changing the software so that each drone needs to be approached differently to carry out a cyberattack will significantly increase the amount of time cybercriminals need to invest and, therefore, decrease their economic incentive.