Is Trucking Doing Enough to Protect You From Cyber Attacks?

A few years ago, the most common victims of cyber attacks, malware, and ransomware came from retail and telecommunications companies.  These cyber breaches affected confidentiality, integrity, and availability of data, often resulting in credit cards information or personal data becoming available to cyber criminals.

Unfortunately, these types of vulnerabilities are still a serious concern, but now the Internet of Things (IoT) is also making manufacturing and production vulnerable.  Not only do manufacturers need to worry about the vulnerability of their products, but they also have to look for vulnerabilities in their connections with partners and suppliers.  In today’s security environment, even a purchase order received via email or an electronic exchange over some type of management system can create potential security vulnerabilities.

In large part, this is the reason so many manufacturers are starting to turn to blockchain technology.  While blockchain is making a security difference for many companies, shipping and logistics still offer many security vulnerabilities – and hackers know it.

In the last few years, the trucking industry has been hit particularly hard by ransomware and malware attacks.  One of the latest cyber attacks on a major trucking company was a malware attack against J&M Tank Lines in April, and then again in June.  Although the company was able to get their email and phone systems back up in a few hours, it was four days before it could enter anything new in the system.

Just imagine how this would impact you if J&M Tank Lines was your shipper of choice.

And this isn’t an isolated incident.  According to ZDnet, “Hackers are deploying previously unknown tools in a cyber attack campaign targeting shipping and transport organisations with custom trojan malware.”

Trucking’s vulnerabilities to cyber attack is coming from a lot of different direction, both internally and externally.  Here are just a few of the things that the trucking industry needs to worry about:

• Controller Area Network (CAN bus) – This is the system used in vehicles for communication between ECUs (engine control, air bags, etc.), sensors, and actuators. Poor security in the CAN bus provides access to a vehicle’s key systems, meaning hackers could access brakes or steering – obviously a risk when a truck in on the road.  What’s even more frightening is when the CAN bus is used as a point of entry into other systems or connected vehicles.

• Electronic Logging Devices (ELDs) – ELDs automatically keeps track of the driver’s hours of service by connecting to the engine, and most ELDs use a cellular data network connection. While many ELD manufacturers have said it’s virtually impossible to hack the devices because they’re designed to only read data, security researchers have proven otherwise.

• Internet Networks and Platforms – Anytime there are various systems interacting, such as computers, smartphones, email, third-party online/cloud based service platforms, etc. there is the potential for various points of entry into your system. Independent truckers or small trucking companies, using their own devices and systems, may increase the risk as well.

• IT Security Policies – When it comes to security vulnerabilities, the human element must be considered too. There have been several incidents where white hat testing probes have gained access to key systems by mimicking an employee.  McLeod Software told com, “The ‘hacker,’ unable to find a weakness via computer, called the company’s main phone line and went down the company directory until he found someone whose outgoing voice mail said they were on vacation for the next two weeks – then mimicked that employee’s voice to call the company’s IT help desk, saying she was having trouble logging in remotely, and got the access information needed.”

And the risk isn’t just at large transportation and logistics companies, even though large companies are the ones we often see in the news.  Small to mid-sized companies often play a key role in the shipping cycle for many manufacturers and may provide an easier entry point for hackers.  In fact, the 2018 Verizon Data Breach Investigations Report indicates that smaller businesses, over larger ones, are targeted by cyber criminals 58% of the time.

No one in the trucking industry is 100% safe.  As manufacturers, that means we’re all at risk.

When a company in the trucking/logistics industry falls victim to a cyber attack, the reach of that attack can have a very large scope.  Trucking companies tend to have diverse supply chain connections over large geographic areas.  A single shipment may transfer through several different systems and stakeholders before reaching it’s final destination, and each one of those interactions can pose a risk.

In other words, the complexity of the modern supply chain increases the risk, but there are some specific things that manufacturing must be concerned about regarding cyber attacks on trucking.

When you fall victim to a data breach as an individual, it can have a devastating impact on your life, both personally and financially.  When a business suffers a data breach, it can have a very similar impact on the company.  Overcoming the loss of financial information, employee information, or proprietary company information can be very challenging.

If you provide any kind of sensitive information to your trucking company during the course of your professional relationship, like a corporate credit card number or banking information, it can expose you to risk if the trucking company falls victim to a cyber attack.  In some cases, even a company email can expose an employee if it falls into the wrong hands.  Phishing attacks can result in the loss of everything from customer email addresses to the birth dates and national insurance numbers for employees.

There’s no doubt that data breaches are bad, but at least you can mitigate some of the damage by knowing exactly what information was exposed by the trucking company.  It’s a whole other story if the trucking company simply served as an entry point into some of your key systems.

According to a 2017 study by the Ponemon Institute, 56% of large breaches were the direct result of an initial breach into a third-party or supply-chain vendor.  If you’re using third-party networks or systems operated by any of the trucking companies, then you are at risk of being hacked.  With so many users operating in different time zones, using different devices, and potentially unprotected software, trucking is a prime target for entry point breaches other companies.

The other risk that’s often overlooked in the event of a cyber attack is the risk to your supply chain itself.  Even if your systems and information aren’t affected during a cyber attack on a trucking company that you use, that doesn’t mean you won’t be affected.

If the trucking company you work with sustains a malware attack, like the J&M Tank Lines example we used above, can you wait four days (or more) for the trucks to start running normally again?  For some manufacturers, if the trucks aren’t running, then their production lines aren’t running either.  If the company you depend on for trucking gets hacked, you’re looking at significant delivery delays.

Cybersecurity is a big problem for the trucking industry.  According to FreightWaves, “The trucking industry and its supply chain rank fifth among all businesses at risk of cybersecurity attacks as the number of possible threats against the transportation sector has grown 100-fold in just four years.”

But what are they doing about it?

While many of the larger trucking companies are clearly taking steps to increase cybersecurity, and the trucking industry at large understands the threat, it’s unclear if smaller trucking companies have taken the threat seriously.  In many cases, these companies just don’t have the resources necessary to focus on cybersecurity.  Since these smaller companies are often part of the entire logistics landscape, this continues to put us all at risk.

There are just too many variables and points of entry in the trucking industry overall to ever feel 100% secure with your trucking company, no matter how careful they are – at least not yet.

As a manufacturer, it’s obviously your responsibility to protect yourself against any kind of cyber attacks, regardless of where they originate.  IFSEC Global suggests the following:

1.  Conduct regular cybersecurity assessments.

2.  Develop strong cybersecurity policies and best practices, and then train your employees to follow them.

3.  Keep your software systems updated.

4.  Consider implementing Security Event and Incident Monitoring (SEIM) software.

5.  Create an incident response plan so that everyone knows what to do in the event of a cyber attack.

6.  Control access privileges and don’t grant access to those who don’t need it.

7.  Employ physical security best practices like badged door entry, camera surveillance and a visitor policy.

8.  Monitor external networks that may impact you.

9.  Assess your third-party vendor risk.

10.  Remotely protect data on mobile devices such as laptops, smartphones and tablets.

In addition to these security best practices, you also need to find ways to protect your production lines in the event of a supply chain interruption from a cyber attack on your trucking provider.  You really have two basic options:

1.  Employ multiple trucking companies. If one has a major interruption, your other trucking companies can temporarily take up the slack.

2.  Have a backup trucking company that you can turn to if your regular trucking company is compromised.

Lastly, the best way you can help trucking companies avoid cyber attacks is to use best practices so that YOU won’t become the point of entry for THEIR systems.  With the complexity of today’s transportation supply chain, many of us are interconnected through the trucking industry.  That means it only takes one of us to increase vulnerability for everyone – And you don’t want to be at the center of a major cyber attack with national or international implications.

The complexity of the logistics landscape, as well as the increase of cyber attacks on the trucking industry, makes manufacturers vulnerable to malware, ransomware, data breaches, and other forms of cyber attack.  While blockchain technology may help to mitigate some of those risks, the trucking industry may still leave manufacturers vulnerable.

Ultimately, all trucking companies need to view malware, ransomware, and other types of cyber attacks as a critical business risk, regardless of company size.  As manufacturers, we all must take the steps necessary to protect ourselves.