How Fleet Managers Can Thwart a Cyber Attack

As the new year brings fresh promises, it also carries a novel security concern; namely cyberattacks. Happening with far greater frequency than ever before in history, hackers seek to exploit firms of all shapes and sizes by infiltrating their systems and taking control of sensitive data that can be used as leverage both against them or for financial gain. Fleet managers are increasingly having to consider this risk when planning for 2023 – leaving no stone unturned when protecting valuable company information from malicious attack.

In a recent episode of the RoadSigns podcast, hosted by Transport Topics, the hosts sat down with Mark Zachos, president of vehicle solutions firm, DG Technologies and discussed what these threats can look like. Below are a few main points of that conversation.

‘Cyberbullets’

Companies are not just vulnerable to attacks on their servers and administrative functions. With the wealth of data being processed in maintenance areas, cyber criminals have struck gold with a surge of hacks targeting these departments. Zachos points out that sensitive information is especially prized by attackers – making cybersecurity more critical than ever for all businesses.

“If you’re running a commercial vehicle and that company that owns the vehicle, the data is theirs. However, that information is still valuable to the threats that are out there, the threats that are coming either from criminals, from people just trying to have fun, or phone-hacking into your equipment.

“Then there’s also the overseas threats that are coming from Russia and other countries. It’s an attack on our country. It’s an attack on a logistical system or attack on our infrastructure, just like they’re shooting bullets over in Ukraine. There’s certainly a threat of these cyberbullets coming from the bad guys and hitting us and knocking down our equipment, knocking down our logistics, making it hard for the country to function. Maybe not necessarily for ransomware. They just state that they want to hurt the United States.”

Chaos for Monetary Gain

Cybercriminals are becoming increasingly savvy, but their intentions remain the same; financial gain. Zachos has warned that increased sophistication from attackers requires correspondingly robust measures to combat them.

“It actually brings about financial rewards for those criminals. So, what they’re trying to do is to give you a hard time. ‘Unless you send me Bitcoin, I’m going to keep doing this.’ The typical attack on a fleet goes after their data in their server. It has information about the vehicle and individuals. [They collect personal and business information.]

“They take that and lock it up encrypted, and then they ransom it back to you. Now, sometimes you get it back, sometimes you don’t. But I never recommend paying ransom. Sometimes you feel compelled to. Still, the bad guys have your data and what they then do is go out to what is called the darknet and they sell it there. They get a credit card number or Social Security number for $1. They’re making money and then the next guy comes along, and says, ‘Oh, I’ll buy that off the darknet and I can create another attack.’ So very often, there’s repeated attacks on companies.”

How to Detect an Attack

The American Trucking Associations’ Technology & Maintenance Council Fall Meeting focused heavily on cybersecurity, testing technicians’ abilities to identify and combat malicious threats. Zachos, a consultant in the challenge, reported trucking companies are having increasing difficulties dealing with repair and maintenance of sensors as well as ECUs (Electronic Control Units) and wiring. The SuperTech experience provided significant insight into how such issues can be addressed effectively.

“I’ve been asked “Hey Mark, how do you know that was a cyberattack? I’ve seen that condition before that you describe, and it was a bad fuel sensor. I just replace the sensor.’ I say, ‘No, it’s not a bad sensor. I actually injected a cyberfault in there.’ So, how do you tell the difference between a conventional fault and a cyberfault, and the honest answer is, it’s very difficult. What we really want to do is to raise awareness and have people recognize it. There could be some conditions that are kind of curious. Should I report that there’s something happening on this truck? Or did something happen on the laptop that I use to talk to that truck? The telematics doesn’t jive with the communications coming off their unit. These are curious markers that there could be a cyberattack.

“These attacks that we’re talking about, these are not invented overnight. These are threats that a lot of times they’re replayed over and over again. It goes from one group of attackers to the next one. You know, the criminals are all over that. They’re not very creative. They’re pretty lazy. The bad guys learn from each other, too.”

Igniting a Spark for this Topic

Cybersecurity remains an overlooked topic in the automotive industry. Despite increasing enthusiasm for electric and autonomous vehicles, potential cybersecurity threats have failed to capture attention from executives – a reality that’s frustrating Zachos, who works closely with these advances.

“It’s interesting. There’s not a vibe going around in the room. There’s not like a, ‘Yeah! We got to do this cybersecurity.’ It’s important. But how do you catch on? Maybe we need to do some war gaming where we actually get across to the community and show what really can happen and how bad can it get and game it out. Then maybe you can get some of that enthusiasm and get some momentum built. The threats are definitely out there. I just don’t think we’re taking it as seriously as we can. We should do everything that we possibly can to train people and to stand up our guard as high as possible.

“I would say one thing that people ought to look into is what we did during the ­SuperTech competition. There were some that were very good and some that didn’t do good at all. And then there were a lot in between. Do you have that skill in the people that do the maintenance? Your maintenance operation needs to get trained and recognize that threat, and gain the skills that are needed to protect your company or your organization against that threat.”

The Future of Cybersecurity

Zachos is contributing to the TMC Annual Meeting with his work in cybersecurity, gearing up for February collaboration of shared practices.

“I think it would be useful if we get them reviewed and send them on to the organization for balloting. The contract considerations are one thing. So it’s an idea that when you’re buying new equipment, be it a truck, computer, here are the things that you ought to do in the acquisition process to maybe have your vendors be aware of. Because it’s just not starting within you. There’s the supply chain all the way down to the computer chip level. It’s having that control and understanding where you are getting your chips. Sometimes those chips are counterfeit and sometimes, they do have viruses or something implanted. There are legitimate cases of that.

“This is a supply chain issue. You have to have trust down to the lowest level of vendor. You have to trust that they have good cybersecurity practices. You may recall the Colonial Pipeline hack that occurred recently. There was a breach in one of the computers that was controlling the pipeline and controlling some of their operations. And in terms of how that affected the end customers, the hackers shut the pipeline down. They were not getting fuel and couldn’t deliver the fuel. There was a big chain there. So, my point there is that the chain of custody just doesn’t stop in your shop. It has to go all the way through your operations and then to talk to your vendors and to their suppliers as well.”

 

Source: ttnews