Trucking Grapples With Evolving Cybersecurity Threats
[Stay on top of transportation news: Get TTNews in your inbox.]
The trucking and logistics sectors face an increasingly evolving cybersecurity landscape as more operations become integrated with computers.
“The attack space where a bad guy can find opportunities and get into your system, that space has expanded with the use of technology and the newer things coming into the vehicles,” said Mark Zachos, president of vehicle diagnostics company DG Technologies. “We want to protect the vehicle, and the systems, and the back offices and all of that. The boundary probably hasn’t moved, but the space inside of it has increased.”
The 2023 Travelers Risk Index found 55% of transportation leaders were worried a lot or at least somewhat about cyber risks. But the concern mirrors the rest of the economy, with the index noting that cyberthreats were one of the top three business concerns for the ninth straight year.
“Nearly 25% of this year’s survey participants said their company has been the victim of a cyberattack, and nearly half of those incidents have taken place within the past 12 months,” said John Menefee, CyberRisk product manager at Travelers. “Cyber criminals look for network vulnerabilities. Once found, those vulnerabilities can be exploited for monetary purposes.”
The Cybersecurity and Infrastructure Security Agency assists government agencies and private sector organizations in addressing cybersecurity issues, including providing threat and mitigation information for implementing risk management plans.
“As we become increasingly dependent on technology designed to make our lives easier and more efficient, we also become more exposed to vulnerabilities,” said Sandra Radesky, CISA associate director of vulnerability management.. “CISA works with our government and industry partners in the transportation sector to ensure organizations understand the risks they face.”
Kevin Linardic, chief technology officer at Carrier Logistics, doesn’t believe the nature of the threat has changed because of technology. The goals of the criminals are the same as well as the impact on their victims, he observed.
“Bad actors will take advantage of any shot they can at gaining access to somebody and making trouble,” Linardic said. “I really feel it’s just across the board and not just because there’s more technology out there.”
The 2024 Third-Party Logistics Study on Oct. 2 found that 87% of shippers and 94% of third-party logistics providers agree adopting emerging technologies is vital to future supply chain growth. It also found companies are more willing to collaborate. Penn State University professor John Langley authored the study with NTT Data and Penske Logistics.
“While we have seen significant improvements in supply chains regarding the quality of relationships among participating organizations, this in itself can increase the risk of incurring cybersecurity threats,” Langley said. “One way to prepare an offense that may help to avoid such occurrences would be to have a cybersecurity strategy that spans individual supply chain relationships and for the end-to-end supply chain as well.”
Estes Express Lines confirmed that its computer systems were the target of a cyberattack Oct. 3. The Richmond, Va.-based carrier stated it still was able to move freight. Transportation technology provider Orbcomm also confirmed it was hit with a ransomware attack Sept. 18. But these types of incidents also require the use of technology to detect and address.
“We actually would be safer with that increased technology because now we have the ability to shut that vehicle down in a safe manner, whereas if you’ve got a human that’s overtaking that vehicle, you don’t have the ability to do that,” said Ryan Powell, senior vice president at Velociti. “We’re actually maybe mitigating risk by having additional technology.”
The Federal Motor Carrier Safety Administration also helped spur industry adoption of technology through its electronic logging device mandate in 2017. This meant carriers that hadn’t yet switched from paper logs had to implement ELDs to verify driver hours.
Supply chain and procurement consulting firm Proxima found a 700% increase in cyberattacks across the supply chain since their implementation.
What does it take to become the best technician in the country? Hear from two experts who supervised the exams at TMCSuperTech. Tune in above or by going to RoadSigns.ttnews.com.
“There’s definitely a significant increase in terms of the overall risk of these threats,” said Spencer Shute, principal consultant at Proxima. “When you think about the overall supply chain, and specifically the transportation networks, they’re historically fairly archaic and simplistic technology-driven companies. But the ELDs have really started to change a lot of that.”
Risk management firm Overhaul found in its second-quarter report Sept. 25 that cargo thefts increased 15% year-over-year to 132 reported incidents. Strategic cargo thefts drove the trend, with deceptive pickup increasing three-fold from the previous quarter to 24% of all incidents. Strategic tactics tend to use technology such as load boards to fraudulently redirect cargo.
“Now we’ve got so many different types of strategic thefts,” said Danny Ramon, intelligence and response manager at Overhaul. “A lot of these folks are well ingrained in the logistics industry already. They know how the supply chain works. They are adept at registering multiple USDOT and [motor carrier] numbers at once and they can adapt the methods that they use at a moment’s notice.”
Want more news? Listen to today's daily briefing below or go here for more info: