For hackers, any system with Wi-Fi, Bluetooth, GPS, or Internet connectivity \u2013 including federally-mandated electronic logging devices (ELDs) for trucking and transportation fleets \u2013 represents an enticing entry point for attack.<\/p>\n
Today\u2019s cargo fleets are integrating more and more connected technologies, bringing substantial improvements in performance. But greater connectivity also means greater vulnerability to cyber attacks \u2014 a serious threat even in boom times. Amid the current coronavirus pandemic and a sharp global economic downturn, it\u2019s now more important than ever that essential goods like medical supplies and food reach their intended destinations free of malicious disruptions.<\/p>\n
For hackers, any system with Wi-Fi, Bluetooth, GPS, or internet connectivity \u2013 including federally-mandated electronic logging devices (ELDs) for trucking and transportation fleets \u2013 represents an enticing entry point for attack.<\/p>\n
And it can work two ways. First, vehicles can be directly hacked through their internal communication networks, enabling hackers to take control of the one vehicle and the vehicle can serve as a gateway into the fleet company\u2019s IT system itself.<\/p>\n
Alternatively, hackers can enter through fleet companies\u2019 IT systems and ultimately penetrate vehicles within the fleet. By gaining access to these systems, hackers can inject harmful ransomware devastating enough to paralyze entire fleets.<\/p>\n
To protect the safety of fleets\u2019 cargo and to avoid financial ramifications, it\u2019s imperative that OEMs ensure that they implement robust cybersecurity protection. Now more than ever, people\u2019s lives and livelihoods hang in the balance.<\/p>\n
Ransomware and safety-critical systems<\/b><\/p>\n
Ransomware can prove highly lucrative for hackers \u2013 and highly damaging to networks and fleet operators that experience such an attack. The NotPetya ransomware attack<\/a>, linked to a group of Russian military hackers, is perhaps the most potent example of the havoc these attacks can wreak: Victims received ransom messages requesting payment if they wanted to unlock their files, but all computer files were encrypted anyway, with some completely erased. This particular attack cost FedEx\u2019s TNT courier delivery service nearly \u00a3221 million<\/a>, impacting both deliveries and sales.<\/p>\n More prominently, the 2017 WannaCry cyber attack disabled computers across the globe, with North Korea-linked hackers demanding locked-out users pay ransom in Bitcoin. In the United Kingdom alone<\/a>, the attack shut down computers across the nation\u2019s hospitals and cost the National Health Service \u00a392 million. Crucially, hackers penetrated below the level of IT-based cyber solutions, via a zero-day vulnerability found in out-of-date operating systems, highlighting the need for connected devices to be secure by design.<\/p>\n The implications of a similar attack on cargo fleets would be grave \u2013 particularly given how many safety-critical systems, whose malfunction could result in death or injury to the driver, are internet connected. By 2022, two in three new vehicles<\/a> in the United States will have connected safety-critical systems. Ransomware attacks on these systems \u2013 among which include brakes, steering wheels, and airbags \u2013 can stop entire fleets of vehicles from functioning\u00a0or even bring them to a halt on the highways, potentially causing significant casualties. Massive supply-chain chaos would financially harm fleet operators, as well as potentially cause billions of dollars of economic damage.<\/p>\n Understanding ransomware<\/b><\/p>\n How might hackers go about executing such an attack? They\u2019d start by obtaining a small set of target vehicles on which to practice. Hackers would then create a primary malware for infiltrating the vehicles (or fleet IT network), perhaps with the aid of a social engineering attack in which they gain access to sensitive information through malicious (if seemingly legitimate) emails. Their next order of business is finding a mechanism for actually infecting vehicles with the malware, via an over-the-air (OTA) update or through a physical connection, for instance.<\/p>\n Malware \u2013 either the primary malware or some secondary malware it has spawned \u2013 then targets the vehicle\u2019s ECU. Executed across an entire connected fleet, the ramifications could be catastrophic.<\/p>\n Even the less calamitous possibilities are troubling to contemplate. Say hackers successfully extort a ransom payment: It\u2019s possible they may simply pocket the payment and allow the attack to proceed anyway \u2013 but even if they unlock the vehicles, fleet owners will still have paid a substantial sum, likely in cryptocurrency payments that authorities won\u2019t be able to trace.<\/p>\n What\u2019s at stake for fleet owners<\/b><\/p>\n The financial costs to business go beyond any payments lost to hackers and not covered by insurance. If a shipping company has its fleet disrupted by a cyber attack, the company will experience substantial downtime between the onset of an attack and its resolution \u2013 and for many businesses, as well as the economy, downtime can prove devastating. In some cases, paying the ransom will be cheaper than going through the necessary steps to remove the ransomware, which could take weeks.<\/p>\n The risk isn\u2019t merely theoretical. After the Australian Toll Group fleet operator was struck by a ransomware attack earlier this year, it took six weeks<\/a> before deliveries and core services were returned to normal operating capabilities.<\/p>\n That attack came on the heels of a 2019 ransomware attack targeting<\/a> Pennsylvania-based trucking company A.Duie Pyle; it took days before the company was back online, and once systems were restored, the company had to rebuild all its applications. And while the financial cost was never disclosed, it\u2019s clear that the fleet operator, their customers and others in the economic shipping chain, were hurt financially.<\/p>\n To avoid a hit to business \u2013 or worse \u2013 fleet owners need cybersecurity solutions that can be implemented across their entire fleets during production as well as in the aftermarket. Because a fleet is only as secure as its least secure vehicle, it\u2019s essential that each and every vehicle in the fleet is cyber-secure. For automakers to safeguard vehicles against ransomware threats, security-by-design must be the fundamental principle underpinning every aspect of the vehicle; more importantly, for models already on the road, aftermarket solutions are necessary for all fleet vehicles. Fortunately, for manufacturers, solutions currently exist that can be easily retrofitted to existing trucks at minimal costs.<\/p>\n By providing ongoing monitoring of all messages transmitted in the vehicle network, an automotive cybersecurity solution can guard against both known and unknown threats, preventing infiltrations.<\/p>\n In this increasingly connected age, it\u2019s inevitable that virtually every organization will face a hacking attempt \u2013 and for hackers looking to maximize their impact, cargo fleets represent prime targets. Only by fortifying each vehicle in their fleet against this threat can fleet owners stop hackers in their tracks.<\/p>\n <\/p>\n By Moshe Shlisel, CEO and co-founder of\u00a0GuardKnox<\/a><\/i><\/a><\/span>