The National Motor Freight Traffic Association will host its annual Digital Solutions Conference on Cybersecurity from Sunday, Oct. 22, to Wednesday, Oct. 25. NMFTA, a nonprofit membership organization, represents the interests of less-than-truckload carriers across the nation. The organization provides services to the industry through classification standards and support for cybersecurity, which the conference will address. The event is open to all trucking industry, supply chain, and cybersecurity professionals.
The conference is timely, considering the increase in cyber threats over the years. Hackers have proven to be more sophisticated in technique, and the trucking and logistics sectors are particularly vulnerable. Estes Express Lines (No. 11 on FleetOwner 500: Top For-Hire Fleets) experienced a cyber breach just earlier this month, impacting the company’s main communication channels, including phone and email at its terminals, customer service and employee emails, as well as many of its systems, according to information posted on the Estes website. Although it’s still functioning, Estes is still working to completely resolve the attack.
See also: How to protect critical infrastructure from costly cyberattacks
What’s more, cyberattacks can be even worse against midsized companies. StrongDM, a company that helps organizations manage and audit access to their web applications, databases, clusters, and servers, reported that “46% of all cyber breaches impact businesses with fewer than 1,000 employees,” and in 2021 alone, 61% of small to midsized companies were victims of cyberattacks.
“Approximately 90% of hacks occur through phishing and misconfigured networks/devices,” said Antwan Banks, director of enterprise security for NMFTA. “Because of recent geopolitical events, attacks have become more aggressive and skilled. As a result, companies need to prioritize cybersecurity internally to be proactive before a threat occurs … While implementing such a system can seem overwhelming, we instruct professionals to begin with low-hanging fruit initiatives.”
NMFTA’s initiatives include:
- Routinely train all employees to identify cybersecurity threats and the necessary steps to take should one occur.
- Routinely scan all internet-facing networks and devices to identify vulnerabilities before an attack occurs.
- Conduct tabletop exercises to develop a cybersecurity strategy in case of an attack.
- Install immutable backups that cannot be impacted during a cyberattack, and test those backups regularly for accuracy.
- Segment the network so that if a hacker can access it, they will not have free reign over all networks.
“When companies choose to take these steps to prevent or minimize the impact of cyberattacks and implement a dedicated team to handle this business sector, they can be successful like Estes,” Debbie Sparks, executive director for NMFTA, said.
A recent survey of 1,200 participants from small-, medium-, and large-sized companies was conducted for the 2023 Travelers Risk Index. More than half (58%) of transportation leaders disclosed they were worried about cyber risks, and nearly one-quarter of respondents (23%) said their company had already suffered a cyberattack. The survey also disclosed that for the ninth year in a row, cyber threats were one of the top three business concerns. But regardless of the cyber risks, the 2024 Third-Party Logistics Study confirmed that 87% of shippers and 94% of third-party logistics providers agree that to see future supply chain growth, emerging technologies must be adopted.
See also: Connected vehicles produce vulnerabilities, among them are EV chargers
Banks said that as technology continues to evolve—and as companies more widely adopt that technology—hackers will continue enhancing their strategy “as it pertains to infiltrating the networks of companies across various industries.” To help LTL companies combat this, Banks said that NMFTA provides resources for best security practices, incident response, and ransomware. Additionally, industry practitioners from the federal government and commercial companies will attend the conference and discuss “the best tools and procedures” for protecting networks.
“As we have seen the importance of digitizing our industry, we have also recognized that trucking organizations will face vulnerabilities from cyber attackers if they don’t take the right steps to protect themselves,” Sparks said in a press release.
Sparks also emphasized the importance of speed, noting that once a compromised company can safely share the details of its cyberattack, the industry benefits from the information.