Special Coverage
Presented By


TMC 2024


Serjon Warns of Cybersecurity Risks for Motor Carriers

ELDs Can Be Compromised, Spread Attack Across Network
Serjon's Urban Jonson
Serjon's Urban Jonson says attacks on motor carriers could stop trucks from moving and create traffic jams. (John Sommers II for Transport Topics)

[Stay on top of transportation news: Get TTNews in your inbox.]

NEW ORLEANS — The rise of cybersecurity adversaries and the confirmation of potential security flaws in technologies deployed by fleets underscores the urgent need for motor carriers to take these threats seriously, a cybersecurity expert told industry reporters.

“Most small businesses do not stay in business longer than six months following a cyberattack,” said Urban Jonson, senior vice president of information technology and cybersecurity services for security training firm Serjon LLC.

At a March 3 press conference at the 2024 Technology & Maintenance Council Annual Meeting and Transportation Technology Exhibition, Jonson cited new research at Colorado State University showing it is possible to compromise electronic logging devices remotely and, once compromised, use them to compromise other devices on the same provider network.

“This could result in an attack against a large number of devices at scale, where one device would attack and compromise others who then, in turn, would attack others, rapidly spreading the attack across the entire provider network,” Johnson said, describing a type of automatically propagating malware known as a computer worm.

Jonson said the research comes after a Feb. 7 advisory by the U.S. National Security Agency indicating a significant interest by the People’s Republic of China in being able to impact and cripple U.S. infrastructure, including trucking.

“Given the essential role trucking plays in the U.S. logistics and supply chains, this is a serious national security risk,” Jonson said. “Trucking companies must assess their cybersecurity risk and take proactive measures to improve their cybersecurity posture.”

Most small businesses do not stay in business longer than six months following a cyberattack.

Cybersecurity expert Urban Jonson

Serjon's Urban Jonson

The trucking industry experienced several high-profile cyberattacks in 2023, he said, “including successful ransomware attacks against large, mature trucking companies.”

Attacks on motor carriers can not only cripple a company’s operations, but could even potentially stop trucks from moving and create traffic jams, Jonson said.

Last year, in response to increasing cybersecurity threats and attacks on businesses, Serjon expanded its existing advisory services by creating an online cybersecurity training and certification program. The company also can assist companies that have been hit by ransomware.

“We recognize that our target audience is primarily focused on running their own business, and they may not have a plan or resources to protect their systems adequately and include resilience in their planning,” Jonson said.

Want more news? Listen to today's daily briefing below or go here for more info: