The trucking industry is not immune to cyberattacks. Cyberattacks threaten every company, from large to small, and from healthcare to logistics. The time to prepare for a cyberattack is before it happens, not after, said Mark Zachos, president of DG Technologies, in a recent HDT Talks Trucking interview.
“Hackers have discovered that the port in your truck is a very inviting target,” he said. “You may log in to that port to get your trouble codes and diagnostic information. The bad guys use that connection to do things like a denial of service attack.” (A denial-of-service attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor.)
As the leader of DG Technologies and chairman of the Technology & Maintenance Council Task Force on Cyber Security, Zachos has his finger on the pulse of cybersecurity and what’s needed to harden security on diagnostics and telematics ports on trucks.
“We look for places to secure assets and stay ahead of the bad guys,” he explained. “Securing diagnostics is the starting point. From there, we need to secure the rest of their ecosystem, from the cloud to their third-party providers.”
How Big a Threat are Cyber Attacks to Trucking Companies?
The Department of Homeland Security says that transportation and logistics is critical to the infrastructure of the United States. This makes it a prime target for cyberattacks.
“We might argue that hospitals and other essential service providers are as well,” Zachos said. “But it’s even more important to protect our logistical assets against cybersecurity attacks.”
An attack on logistical assets can prevent the delivery of fuel to service stations, transport of food to the supermarket, delivery of critical pharmaceuticals to hospitals, and raw materials to manufacturing plants.
“If you cannot go to the supermarket or gas up your car, it’s going to go downhill quickly from there,” he said.
In 2017, FedEx suffered a significant malware attack that limited operations for months. More recently, Seattle-based logistics giant, Expeditors International of Washington, suffered a cyberattack that shut down most of its operating systems. The company reported “limited ability” to conduct operations — a significant impact given that it manages freight movements by air, sea and ground transportation in over 300 locations across the globe.
If companies this large can be crippled by cyberattacks, imagine what an attack might do to a much smaller company, Zachos stressed.
“Smaller fleets are more vulnerable than they think,” he said. “If the bad guys can attack the big guys, they can attack a handful of small fleets. They want to cause panic by shutting things down.”
Smaller fleets — those with 10-20 trucks — make up the bulk of the trucking industry. Most of these firms know of the problem but think hackers will hit the big guys first.
“They think, ‘I’m a little fish in a big pond. Why would they go after me?’” Zachos explained. “But the trouble is, there are lots of fish, and the nets these attackers cast are easy to throw in the water. It’s very easy to get at least the small fish hooked.”
That being said, the big guys are also vulnerable to cyberattack. Larger carriers and fleets are a big target for “advanced persistent threats.” In these attacks, a hacker breaches and maintains unauthorized access to the targeted network and remains undetected for a long time. The hacker monitors, intercepts, and relays information and sensitive data during that time.
Hackers might want to know when a large shipment of weapons is going to Ukraine, for example, and to discover when the trucking company is picking up the shipment and dropping it off at port. They also want to gain back-door entries into even bigger fish. With the arms shipment, for example, the hacker may look to gain access through the carrier’s network into the U.S. Department of Defense.
“But it doesn’t have to be weapons or munitions,” he said. “It could be food, water, toilet paper. It is about projecting power and sustaining power over time.”
Discovering a Breach
All fleets are vulnerable to cyberattacks. The most common types are:
- Malicious or unintentional backdoors into software
- Malware attacks
- Unauthorized ERP access
Though cyberattacks are common, discovering them takes a little more time and effort, Zachos said.
SolarWinds, a company that provides large-scale information technology software and services to businesses and government agencies, suffered a malware attack in 2019. But the breach wasn’t discovered until 2020, when a software analyst reviewing data logs detected some strange happenings and reported them.
“By that time, it could be too late,” Zachos said. “There is a ton of merit in keeping track of network traffic logs. It might not be able to prevent the initial attack. But it will help professionals reconstruct it and find out what prevented it from happening again and to recover some of your data.”
Make Prevention a Cybersecurity Focus
A good prevention strategy helps ward off cyberattacks before they happen. This includes training programs and policies that get updated as new threats arise. Companies should put all employees through this training to ensure everyone knows the steps to take to protect confidential and proprietary information.
Just as carriers train employees on safety, they need to train them on good cyber hygiene, according to Zachos. Employees need to know how to develop secure passwords and protect proprietary information online.
“This training is not hard and does not cost a lot of money. It just takes time, energy and diligence,” he said. “You can find free resources from the U.S. government to help you. You don’t have to pay a lot of money. You just need to practice, practice, practice.”
Companies that keep backups of their data also improve their cyberattack resilience.
Hackers “want your data,” he said. “They want that name, Social Security number, driver’s license number to sell on the dark web. Backing up data aids in incident response and recovery.”