Cybersecurity in the trucking industry
By Carter Hammett
Trucks and trucking have never been more connected than they are today. With connectivity running through everything from electronic logging devices (ELDs) to mobile apps to GPS, logistics have improved, safety’s been increased, and ultimately, money’s been saved.
Corresponding with these advances, however, is the increased risk of cyber attacks. In December 2020, for example, a trucking and freight logistics company was attacked with a Hades malware infection that forced the company to remove its entire IT system offline while it tried to find solutions.
Another recent example of this occurred with US-based Titan Transfer which experienced “total disruption of its day-to-day operations for four days” after it felt the impact of ransomware last year.
Drivers and fleet owners alike need to be proactive to ensure cargo arrives at its destination intact. One of the main objectives of cybercriminals is gathering intel about where truckers are located so they can make off with cargo. Employees need to be trained around basic security issues to ensure they follow the proper procedures in case cargo is stolen.
But that’s not the only thing cyberattackers want. Hackers may not just be interested in your data, they might be interested in your customer base so they can be attacked as well.
Ransomware is probably the most common form of attack used by cybercriminals. But whatever form the attacks take, it can seriously disrupt your business when your client can’t locate their freight or the driver can’t move it.
A lesser-known but equally harsh threat is something called social engineering. Here, an organization may receive an email from what appears to be a trusted client asking for funds to be wired into a new bank account. By the time the company learns it‘s been duped, it’s often too late.
It’s fairly obvious that many fleet owners aren’t doing enough to protect their technology systems, so the question becomes what can be done to lessen threats to your IT systems?
For starters, constantly review your IT departments and make updates as needed. A cybersecurity plan should be in place and can include variables like procedures for logging into company systems. Employee education is a critical ingredient.
The more awareness your team has regarding cybercrime methods, the better your defence system. Safeguards like firewalls and multi-step authentification can also be positive steps towards lessening an attacker’s impact as can chunking out different parts of your company’s network. If one piece of the pie is attacked, the threat won’t affect your entire system.
Have in place a disaster recovery plan in the event you’re hacked. It’s always advisable to use a cloud-based system and/or create backups for your software as well as encrypting all emails that contain sensitive or important information. And don’t forget to train employees to recognize phishing emails while reminding them to create strong passwords.
Likewise, drivers can take preventative measures such as regularly contacting dispatch for check-ins, being trained against theft and requesting ID from those unloading trucks. Safety technology can enhance a driver’s security such as the GPS tracking systems that sound an alarm when a truck deviates from its route.
A 2019 survey entitled Eye for Transport, implied that that fewer than half of all trucking and logistics companies had a chief of security. If these companies don’t have a security lead, then chances are they don’t have a disaster relief plan in place either.
As the industry evolves and the interconnectedness of things becomes more common, the more the industry leaves itself open to attack. It’s a rude reality to think that cybersecurity needs to keep up with a host of ever-changing vehicle technologies. Having contingency plans in place will limit the threat of safety and promote harmonious growth in the trucking industry.