Protecting Your Fleet Against Cyber Threats

The trucking industry may not seem like a prime candidate for cybersecurity attacks but make no mistake—hackers are increasingly looking at trucking companies as an inviting target, especially because of the critical role they play in logistics and the supply chain.¹ And with cyberattacks getting more expensive, it’s imperative to have a cybersecurity strategy in place. 

Transportation companies are relying more on sophisticated technology—from telematics and mobile devices, to email and connected vehicles—to help enhance productivity, reduce costs, increase safety and streamline operations. However, that also opens fleets up to more advanced cybersecurity threats by increasing the number of potential vulnerabilities.

While organizations like the Society of Automotive Engineers (SAE) have published cybersecurity industry standards for OEM automakers to follow when designing and manufacturing new vehicles, there are still many ways that connected cars and other vehicles can be exploited.² Proactively evaluating potential security risks and subsequently putting the right security solutions and protocols into place can enable your fleet’s cybersecurity to keep pace with its digital transformation goals.

What are the most common connected fleet cybersecurity threats to look out for?

According to an article by Heavy Duty Trucking, software backdoors, malware and phishing attacks are a few of the most pervasive types of cybersecurity threats. These types of cyberattacks can wreak havoc on businesses, potentially resulting in data loss, data breaches, system outages and other interruptions that can lead to unnecessary downtime and lost revenue.³

However, a newer issue is that discovering that a cyberattack or data breach has occurred is becoming more challenging and requires more time and effort. For example, the much publicized SolarWinds cyberattack actually took place in 2019, but wasn’t discovered until a year later.¹ 

In the unfortunate event that a cyberattack does occur, particularly a ransomware attack, most experts agree that businesses should not pay the ransomware blackmail, since that only encourages attackers to get more aggressive.⁴

Looking for a software that helps protect your fleet against cyber threats? Use our free Fleet Management Buyer’s Guide to find the right solution for your business.  

Are there any ELD-specific security concerns?

When the Electronic Logging Device (ELD) mandate came into effect, a host of companies offering ELDs flooded the market. This means fleet managers have a new data security issue to contend with—making sure the ELDs they deploy are safe from hackers and potential data breaches.⁵ 

Here are some points to keep in mind:

• ELD units pose the same risks as other telematics systems, but fleets should take particular care to secure the physical device as well.⁵
• Make sure the devices don’t provide administrative access without proper authentication.⁵
• According to an FBI bulletin, cyber criminals can use insecure ELDs to gain access to a company’s network or install malware or ransomware.⁶
• Warning signs that your ELD may be compromised include an increase in non reproducible equipment performance or maintenance issues, unexpected incoming remote connections on the ELD networking log, or unusual traffic or file sharing on the company network.⁶
• Fleets are advised to make sure their ELD provider has third-party validation and follows cybersecurity best practices.⁶
• While the Federal Motor Carrier Safety Administration (FMCSA) does not endorse any electronic logging devices, it does provide a list of registered and revoked ELDs.

How can companies protect against cyber threats?

Ultimately, prevention is the best method of protecting your employees, your business and your fleet from a cyberattack.

So, what can fleet owners and managers do?

• Implement cybersecurity training programs, so employees know how to recognize and respond to potential threats.¹
• Back up your data and keep it in a secure location—ideally the cloud.⁴
• Make sure that software, firmware, operating systems and applications are updated regularly to protect against vulnerabilities.⁷ 
• Conduct regular security risk assessments to identify vulnerabilities and gaps.⁴
• Keep an eye on outgoing data and intrusion detection.⁷
• Embrace encryption and multi-factor authentication.⁷
• Create a robust incident response plan that outlines what steps to take if a cyber attack takes place, and defines who will be involved.⁸

Want to learn more about how to protect your fleet from cyber threats? Read our blog for tips on preventing attacks.

¹ https://www.truckinginfo.com/10189293/protect-your-fleet-against-the-growing-risk-of-cyber-attack 

² https://www.sae.org/news/press-room/2021/09/sae-and-iso-publish-joint-automotive-cybersecurity-standard

³ https://www.truckinginfo.com/352987/dont-let-your-trucking-data-be-held-hostage

⁴ https://www.truckinginfo.com/10181700/data-security-now-a-must-do-for-companies-forever

⁵ https://rosap.ntl.bts.gov/view/dot/49248

⁶ https://www.truckinginfo.com/10123379/fbi-bulletin-puts-spotlight-on-elds-and-cybersecurity

⁷ https://www.dol.gov/sites/dolgov/files/ebsa/key-topics/retirement-benefits/cybersecurity/best-practices.pdf 

⁸ https://www.nhtsa.gov/sites/nhtsa.gov/files/2022-09/cybersecurity-best-practices-safety-modern-vehicles-2022-tag.pdf