As trucking digitizes more and more operations, maintaining cybersecurity will be as vital to uptime as traditional maintenance in the shop. Take Estes Express, for example. The company’s IT infrastructure were restored about two weeks after a large-scale cyberattack, according to Webb Estes, the Richmond-based carrier’s president and COO. This isn’t a new occurrence, either. Four years ago, LTL provider A. Duie Pyle was hit by a ransomware attack.
Shutting down a fleet’s computer systems is one thing, but the major threat is hacking the trucks themselves. What was once merely a plot point in a popcorn flick is now closer to reality. At the National Motor Freight Traffic Association’s recent Digital Solutions Conference on Cybersecurity, a senior cybersecurity research engineer at the organization, Ben Gardiner, demonstrated how one could disable a trailer’s anti-lock braking system with $300 of gear.
To find out more about the growing danger, we caught up with John Menefee, CyberRisk Product Manager at Travelers Insurance, which offers pre-breach services available through a cyber policy as well as training materials and specialists to help companies proactively identify and address vulnerabilities.
Fleet Maintenance: What are you are seeing as the most common types of cyber risks that fleets have to deal with?
John Menefee: Ransomware events have increased in both frequency and severity recently, and very few industries have been spared. Threat actors look for network vulnerabilities and rarely target a specific business segment. Another common cyber threat is social engineering fraud—when an employee receives a request to transfer company funds from who they think is a colleague or customer but in fact is actually a cybercriminal.
FM: How are cyber threats changing as technology evolves? How fast is the problem growing?
JM: Cyber threats move at a brisk pace because cybercriminals are always looking for new ways to monetize their work. So they frequently change tactics, giving companies and cyber insurance providers new risks to manage and prepare for.
FM: How do cyber risks compare to other types of criminal threats for fleets, like fuel or cargo theft?
JM: Fleets face a number of challenges, such as the theft examples you mentioned. While nothing can completely eliminate the possibility of property theft, fleets can generally protect against physical risks. Cyber is different. It’s difficult to see the threat and the consequences of suffering a cyber event can drastically impact a company, disrupting operations and, in some cases, putting someone out of business.
FM: Can you explain/spell out the broader transportation stats within the report and put that into context of a fleet?
JM: The Travelers Risk Index survey participants from the transportation industry gave very similar answers to the overall respondents when it came to specific business risk concerns: 61% said they worry some or a great deal about medical cost inflation (60% overall), 59% said they worry about broad economic uncertainty (same overall percentage) and 55% said they worry about cyber risks (58% overall). Not surprisingly, the top business concern from the transportation industry survey participants was in fluctuations in oil/energy costs.
When it comes to suffering a cyber event, only 16% of survey participants from the transportation industry said their company had been a cyber victim. That’s lower than the 23% overall who said they’ve suffered a cyberattack. As for taking appropriate steps to improve network security and implementing a risk mitigation program, the transportation industry is about average when it comes to using multifactor authentication (52%), firewall protection (76%), and updated computer passwords (76%). Just over half (54%) said their company has an incident response plan, and 48% say they have a cyber insurance policy.
FM: What are the consequences of cyber risks to a fleet?
JM: They can be significant. With the industry’s reliance on technology and how computer networks and programs among vendors need to work together for companies to operate efficiently, any disruption to these systems can create serious issues. A cybercriminal that seizes control of a company’s computer system can leave the business unable to function and possibly forced to make a difficult decision if a ransomware event has occurred: whether or not to pay a ransom which can reach millions of dollars. Even with proper data backups, a company dealing with a cyber event may be out of business for hours, days, weeks, or even longer.
FM: In what ways can fleet maintenance managers and technicians in heavy-duty repair shops benefit from being proactive when it comes to cyber risks/attacks?
JM: Being proactive is key. Ensuring employees are aware of cyber risks and training workers on what to look for and how best to avoid falling victim to a cyber scheme is always beneficial and doesn’t take much time or money. Often, the message is simple: Don’t click on a link or attachment that comes from an unknown sender, confirm with a phone call and conversation if a request for payment is being made, etc.
FM: What are some best cyber practices?
JM: There are a few cyber best practices that, if implemented, can dramatically reduce the chances of a transportation company suffering a cyber event. Update passwords regularly, back up any sensitive data, patch systems when vulnerabilities are discovered. Utilize multifactor authentication (MFA) and endpoint detection and response (EDR), which can alert a company to suspect computer activity even before a cyberattack takes place. Create an incident response plan in the event a cyber event takes place. There are also cybersecurity frameworks available from government agencies like CISA (Cybersecurity and Infrastructure Security Agency) and NIST (National Institute of Standards and Technology) that can be helpful.
FM: Tell me about Travelers’ three educational programs for the business community and broader public. Who should attend and what can they expect to gain from the experience?
JM: The Travelers Institute, the public policy division of Travelers, hosts events around the country taking an in-depth look at the current cyber threat landscape and strategies to help prepare for and respond to a cyber incident. It’s an education series that features cybersecurity experts and explores ways companies of all sizes and from all industries can help protect against these evolving threats.