Trucks are often seen as the lifeblood of both the logistics industry and the entire American economy. Despite the critical role these assets play in keeping the nation running, security concerns surrounding these vehicles are often overlooked. This is especially true when it comes to cybersecurity.
When people think about cybersecurity, they tend to think about industries like banking and healthcare, not trucking and logistics. This is a mistake, however, as heavy duty trucks are particularly vulnerable to cyber attacks.
“These trucks weren’t developed to be connected to the internet; they weren’t developed with cybersecurity in mind,” said Ben Gardiner, senior cybersecurity research engineer at NMFTA.“They contain control loops and diagnostic systems that will mostly do what they’re told when you send them a message.”
Those relatively simple systems may have been advantageous in the past, but they leave trucks largely unprotected against the very real cybersecurity risks present in today’s high-tech environment.
The 2016 ELD mandate was the first federal regulation to require internet connectivity in trucks. When that policy was put into effect, fleets across the nation became vulnerable to cybersecurity threats.
Not only do those threats persist, but they have been amplified by the rapid onslaught of technological solutions that have entered the market since the ELD mandate opened the door to creating more connected vehicles.
As more technology is integrated into the cabs of trucks, bad actors gain more opportunities to attack the vehicles, an event that would have ripple effects throughout the entire supply chain.
So far, there have been no public instances of truck ransomware attacks, and Gardiner hopes NMFTA can help keep it that way by being ahead of the cybersecurity curve. In order to accomplish that, however, fleets must take an active role in amping up their own security measures.
One of the biggest things fleet owners can do to protect their assets from cybersecurity risks is think critically about their telematics vendor options.
“When it comes to which ELD to deploy, the fleet should be evaluating cybersecurity as part of the procurement process,” Gardiner noted.
NMFTA has created resources in order to help decision makers navigate the intersection of telematics and cybersecurity with more confidence. Fleet representatives can reference the association’s Cybersecurity Requirements for Telematics Systems report to help guide their evaluation techniques.
When logistics leaders evaluate their partners in relation to their cybersecurity measures, the entire industry becomes more secure. Creating a truly safe supply chain, however, requires widespread participation. No single player can do all the heavy lifting.
“Fleet participation has been the key to all of this,” Gardiner said. “None of this work would be possible if we weren’t getting the carriers to the table early.”
To learn more about cybersecurity threats impacting the trucking industry, the public can attend the NMFTA’s Digital Solutions Conference in Houston from Oct. 22-25.
The conference will focus on cybersecurity threats facing vehicle and enterprise networks within the trucking industry. Attendees will hear from experts in the field from organizations like the Cybersecurity & Infrastructure Security Agency, the Department of Homeland Security and the Transportation Security Administration.