Photo: Pop Nukoonrat via Dreamstime
Cybersecurity Photo Pop Nukoonrat Via Dreamstime 5eba9296addd5

Trucking remains a top target for cyberattacks

May 12, 2020
As cybercriminals play on the fears prompted by COVID-19, the commercial trucking industry should brace for an uptick in cyber breaches and possible ransomware attacks.

Reports of truck fleets being hit by ransomware attacks and other cyber breaches aren’t exactly new news. However, as hackers play on the distractions and fears prompted by the COVID-19 crisis, trucking industry experts expect to see a surge in cyberattacks against commercial carriers.

In a blog titled “Cybercrime: Why Trucking Is A Ripe Target,” Mark Murrell, co-owner of online truck driver training provider CarriersEdge, explored the reasons why the trucking industry is an optimal target for hackers.

For one, trucking is a high dollar business, explained Murrell. “That means companies have relatively large amounts of cash or credit available, and they’re used to paying pretty big bills. If you successfully execute a ransomware attack, you can extract a higher payment than you’d get targeting small and midsize companies in other, lower dollar industries,” he wrote.

Murrell also pointed out that trucking companies typically have weak information technology (IT) policies and management; trucking companies don’t invest in modern equipment, like computers and network gear; trucking companies do minimal security training for their staff; and cybersecurity isn’t a top concern for trucking companies, at least when compared to driver and road safety.

Jane Jazrawy, CarriersEdge co-founder and CEO, told FleetOwner that cybersecurity is a hot topic to watch as many fleets’ back-office operations have transitioned to remote working amid the COVID-19 pandemic. Plus, fleet managers, front-line drivers and overall business operations have been so distracted by COVID-19, that ransomware and cyber viruses may not be top of mind at the moment.

Protecting personal, professional data

CarriersEdge just released a course to help truck drivers and office staff better understand how to protect personal and company information from cyberattacks.

“With COVID-19 and back-office staff working from home, all of those security precautions that you may or may not have had at the office are gone,” explained Jazrawy. “You are logging in from your possibly unprotected router, so there is a higher risk since you are not in an office where things are locked down by a central IT department.”

Besides the potential for a spike in ransomware attacks, Jazrawy noted there has been an uptick in phishing attempts where people receive deceitful messages via email and text that are meant as clickbait. Jazrawy urged to keep a watchful eye for such attempts, as hackers use these tactics to gather information. More recently, there has been an increase in COVID-19 hacking attempts that play on fear and greed, she added.

Cybercriminals attempt to obtain business’ data by hacking directly into the system through IT deficiencies and by targeting employees. Jazrawy explained that fleet managers should train employees on how to protect themselves and the company from a breach.

“It’s much easier for a hacker to convince someone to click on a link and spread a virus than for them to try to force their way into the back-office system that is run by IT,” she said.

On the road, the best way for commercial drivers to protect data is to use strong passwords and not respond to or click on suspicious links in text messages and emails. The problem, however, for both drivers and back-office staff are there are so many passwords to remember. Jazrawy suggested using a password manager to securely organize and remember passwords.

She advised using strong passwords—with multiple characters—and that drivers should use a virtual private network (VPN) when relying on public Wi-Fi.

“My personal opinion is that many people don’t think about it at all, but hackers are ready,” Jazrawy said. “The difficulty with hacking is they may go into your system and it’s not immediately obvious. A cybercriminal won’t immediately try and do something. The hacker will look around and see if it’s worth it or see how much they can get.”

Jazrawy pointed to some of the telltale signs of a breach:

  • Messages that don’t make sense signal that a hacker is trying to infiltrate.  
  • Microcharges on credit cards and statements could mean a cybercriminal is testing the waters.
  • Unexpected or alarming messages from known people; don’t ignore strange behavior. 
  • Data that appears when it shouldn’t is a clue that something could be wrong.  

“Most of the time you’re not going to know until there is an attack. It’s a lot like COVID-19. You don’t know for a week until you have it,” Jazrawy warned.

“Keep your eye out when it’s not a trusted source and pay attention like you would in a dark alley because a cyber attacker is the cyber equivalent of an attacker in a dark alley,” she added. “You don’t know where they are, they will show up out of nowhere, but as long as you’re prepared for it and looking out for it you will probably be OK.”

Protecting equipment, freight

Jerry Robertson, chief technology officer for BOLT System, a cloud-based fleet management software provider, explained that with employees working from home, company data, financials and business operations are more at risk for cyberattacks.

“It’s pretty easy for a cybercriminal or hacker to get in your network and pull data out,” he said. “Once they have that data, they have access to credit cards, social security numbers and financial systems, where they can get account numbers, routing numbers and pull money out. Or they can go in and hack your dispatch system or fleet management system and shut it down.”

Robertson advised deleting unknown and suspicious emails, and shutting down, rebooting systems and running antivirus software when something looks suspicious.  

When it comes to all the information coming off telematics devices and electronic logging devices (ELDs) in trucks, Robertson urged fleet managers and drivers to note any strange updates or activity. He added that taking more precautions, like creating stronger, more difficult passwords, and limiting outsiders’ access to company computers, is especially important.

“Hackers will likely try to log in and figure out how to track high-value freight and track where the truck is going and parking, and dropping and hooking trailers,” he said. “You want to secure and block your trailers. If any piece of equipment is left unattended, a thief can still break into the trailers. Go overboard in securing freight and in securing the information of what you are hauling.”

Robertson also suggested that in addition to using a VPN, when working remotely, power down equipment every night unless it absolutely needs to run 24 hours.

“It’s a continual battle between the different virus protection programs and operating systems Your true cybercriminals are working steps ahead of you,” Robertson said. “When you believe you have one problem solved, don’t stop, because I guarantee you they are out there working on the next version of how to break into your system.”

About the Author

Cristina Commendatore

Cristina Commendatore was previously the Editor-in-chief of FleetOwner magazine. She reported on the transportation industry since 2015, covering topics such as business operational challenges, driver and technician shortages, truck safety, and new vehicle technologies. She holds a master’s degree in journalism from Quinnipiac University in Hamden, Connecticut.

Voice your opinion!

To join the conversation, and become an exclusive member of FleetOwner, create an account today!

Sponsored Recommendations

Leveraging telematics to get the most from insurance

Fleet owners are quickly adopting telematics as part of their risk mitigation strategy. Here’s why.

Reliable EV Charging Solution for Last-Mile Delivery Fleets

Selecting the right EV charging infrastructure and the right partner to best solve your needs are critical. Learn which solution PepsiCo is choosing to power their fleet and help...

Overcoming Common Roadblocks Associated with Fleet Electrification at Scale

Fleets in the United States, are increasingly transitioning from internal combustion engine vehicles to electric vehicles. While this shift presents challenges, there are strategies...

Report: The 2024 State of Heavy-Duty Repair

From capitalizing on the latest revenue trends to implementing strategic financial planning—this report serves as a roadmap for navigating the challenges and opportunities of ...