Trucking Faces Increasing Threat of Cyberattacks

Crimes Involving Ransomware Are on the Rise
NMFTA cyberthreat panel
NMFTA cybersecurity panelists (from left): Antwan Banks, Ernesto Ballesteros, Shelly Thomas, Takeda Parker-Bradford of the Transportation Security Administration, and Clarke Skoby. (Connor D. Wolf/Transport Topics)

[Stay on top of transportation news: Get TTNews in your inbox.]

HOUSTON — The trucking industry is seeing an increase in cyberthreats as the problem becomes more prevalent across the economy in general, experts said Oct. 23.

The National Motor Freight Traffic Association hosted the discussion as part of its Digital Solutions Conference. The two-day event brought together transportation and cybersecurity experts to identify issues and talk about best practices.

“The work that we’re going to do over the next two days is essential,” NMFTA Executive Director Debbie Sparks said. “We want to grow, we have the bandwidth to grow to do what it is that the industry needs us to do to get there, and it needs to happen quickly. We are expanding every day. We want your ideas, your feedback. But this is just the beginning.”

Sparks stressed the importance of industry stakeholders coming together to figure out how to solve the cybersecurity problems that the transportation industry faces. She warned the industry needs to be prepared with how quickly the security landscape is changing.

Debbie Sparks


“The next five years are going to be changing dramatically,” Sparks said. “Some of you, this isn’t your very beginning, you’ve been in this a long time. But it’s going to be happening very quickly. We’re seeing that with more cyberattacks, but it’s even bigger than that; it’s even how we set ourselves up operationally and how we’re prepared to take on these operational changes.”

Sparks then invited a panel of cybersecurity experts from outside the industry to discuss the evolving threat and how companies can best prepare for it. The panel stressed the importance of awareness training as people tend to be vulnerable regardless of the system.

“2023 has been an interesting year from a ransomware perspective,” said Shelly Thomas, senior vice president at risk management firm Marsh. “We’ve seen our highest numbers in Q2 since 2020. We actually saw our largest ransom demand earlier this year, around $175 million.

“That was negotiated down, but just kind of showing you the depth and breadth of those ransom demands. I would also say that privacy is another area that’s continuing to evolve.”

Thomas warned that organizations need to be aware of wrongful collection of data. She has discussed with clients making sure there is proper consent for what they plan on doing with that data to ensure privacy and avoid litigation.

“I would say the ransomware and privacy are definitely the biggest trends that we’re seeing just from an industry and attack perspective,” Thomas said. “But I think that a lot of work that’s been done over the last 18 to 24 months from a security posture has helped.


Trimble CEO Rob Painter discusses the company’s continued investment in the freight transportation industry and its vision for a more connected supply chain. Tune in above or by going to  

“In order to get meaningful cyber limits, you had to have certain controls in place. … I think that’s helped organizations recover quicker in the event of an incident.”

Thomas also stressed the importance of training when it comes to combating cyberthreats. But she added that it’s important that the right tone is set from the top down to ensure employees understand the importance of security during and outside of work.

“I will tell you folks, just by-and-large, regardless of what sector you’re in, we are seeing all kinds of attacks that are occurring,” said Ernesto Ballesteros, the state cybersecurity coordinator for Texas at the Cybersecurity and Infrastructure Security Agency. “Ransomware is probably the biggest one out there in the public sphere.”

Ballesteros added that a lot of these attacks are done through social engineering methods such as phishing. That involves criminals attempting to manipulate people into handing over money or personal information. Phishing is when that is done by sending fraudulent digital communications such as an email that is disguised to appear like it’s coming from a trusted source.

Want more news? Listen to today's daily briefing above or go here for more info

“A lot of people use the same password at work as they do for their personal stuff, and sometimes the websites that you use for your personal stuff get compromised,” U.S. Secret Service Agent Clarke Skoby said. “They’ll create an inbox rule and it’ll be any email that in the subject line says bill or invoice, send that email directly to RSS feeds. And so, the victim never sees that email go in and it goes to another folder that you never check. The attacker then goes in, checks RSS feeds, he sees those emails, and then he’ll re-create those emails.”

Skoby added that the attacker will then create their own bill and website that look legitimate. The attacker from there may communicate something about their banking information has changed to get the victim to send money to the fraudulent account.

“The value proposition of training cannot be overstated as far as user awareness,” Ballesteros said. “You have a lot of machines, particularly those that are internet-facing, that have vulnerabilities, that end up being exploited one way or another and essentially open the door for threat actors to get into your operating environment.”