[Stay on top of transportation news: Get TTNews in your inbox.]
ARLINGTON, Va. — Harold Sumerford Jr.’s first brush with a cybersecurity malware attack began with a 3:30 a.m. phone call from the headquarters of his tank truck firm in Birmingham, Ala.
“I was up here in early April for a call on Washington,” Sumerford, CEO of J&M Tank Lines, recalled at a cybersecurity conference at American Trucking Associations’ D.C.-area headquarters June 26. “They told me that malware came in and shut us down. They had a $250,000 ransom and they wanted to know what I wanted to do.”
Nathan Johnson (from left), Harold Sumerford Jr. and Ross Froat by Rachel Akpotu/Technology & Maintenance Council
Sumerford said there was no way he’d pay a ransom. “I thought we’d be up and working again by morning,” he said. Instead, it took four days for a team of tech experts working 24 hours a day to bring the company systems back online.
Two months later, J&M was again hit with a malware attack — but that time the company was better prepared, he said.
Sumerford was sharing his experience with the growing problem of cyberattacks by bad guys. He spoke at a daylong conference on fleet data management and cybersecurity strategies hosted by ATA’s Technology & Maintenance Council.
The cybersecurity session included experts ranging from the FBI and U.S. Department of Homeland Security to the Transportation Security Administration and the Auto-Information Sharing & Analysis Center, who outlined what truckers can do to protect themselves from cybersecurity breaches, and what their groups can do to help should one occur. They emphasized that victims should not be embarrassed, but take action by hiring experts to get information systems back online.
“The FBI does not encourage you to pay the ransom,” FBI cybersecurity expert Anthony Lichiello told the roughly 100 conference attendees. “There is some percentage of successful payments made and data being decrypted that is no longer in its encrypted form. It would take your kids probably 30 minutes to find it on the internet. What the FBI would encourage you to do is have multiple stages of backup.”
Steven Geraldo, a cyber analyst with the Department of Homeland Security, encouraged cyber victims to call on DHS Cybersecurity and Infrastructure Security Agency experts.
“Sometimes companies or organizations are afraid to initially call one of our CSIA experts,” Geraldo said. “But once they come on board and they see what they’re trying to do to help them, more often than not they say, ‘Hey, come back next year to see what we’ve been able to fix since the last time you came out.’ ”
Nathan Johnson, senior vice president and chief information officer for Werner Enterprises, encouraged truckers to back up their systems and train their employees on how to protect themselves from attack.
“We get about 140,000 e-mails a day,” Johnson said. “Of those, 60,000 are spam, and 30 are truly sophisticated malware phishing attempts.”
Johnson said a Verizon study of cyberattacks found that 93% of them start from e-mail and social media. “We’re trying to train to prevent this. We’ve been able to isolate some of the attempts because we’ve been working at this for three or four years,” he said.
TMC’s 2019 Fleet Data Management and Cybersecurity Conference is underway! The conference includes a deep dive into Vehicle Maintenance Reporting Standards (VMRS), cybersecurity issues with today’s equipment and much more! https://t.co/23916EyjwD pic.twitter.com/hbMT0uajC5— Technology & Maintenance Council (TMC) of ATA (@TMC4Trucks) June 26, 2019
Ross Froat, ATA’s director of engineering and information technology, encouraged truckers to join ATA’s Fleet CyWatch website, an information sharing and reporting site that already has 6,000 ATA motor carrier member subscribers. Froat said that when a carrier gets hacked, it can report the intrusion through the site. From there, the report will be forwarded to a number of FBI and Homeland Security cyber divisions.
“They are your first line of defense when you have an issue,” Froat said.
“Within TMC we want to open up a communication environment,” said Mark Zachos, president of DG Technologies and Chairman of TMC’s Cybersecurity Issues Task Force. “Let’s share information that’s already been developed and maybe we can make it better.”