Hackers haven’t successfully broken into digitally connected trucking systems yet, but one of the industry’s biggest trade groups wants carriers to be prepared if and when it happens.
The American Trucking Associations is finalizing a cybersecurity incident reporting and response service for members that is expected to launch in 2018.
The Fleet CyWatch (CQ) service is being designed to help carriers report cyberattacks of on-board trucking data systems that could be used to infiltrate carriers’ broader information technology platforms. Carriers also can use it to report breaches of back-end platforms that could be used to damage on-board connected systems.
The ATA’s Technology Maintenance Council plans to unveil the service Oct. 23, at the organization’s Management Conference & Exhibition in Orlando.
“Trucking is in a new era of communications and connectivity, and this is very new to them and we’re trying to be in front of it,” said Ross Froat, ATA’s engineering and IT director, who is leading development of the service.
Experts have singled out cybersecurity as one of the toughest problems facing the auto and trucking transportation industries as they develop and adopt autonomous vehicle technology.
Fleet CyWatch won’t prevent cyberattacks. Rather, it’s an alert system that will be built into the ATA website to let carrier IT personnel report an incident to ATA staff who will alert appropriate contacts at the FBI, Department of Homeland Security or other government agencies. The agencies will use the same system to channel help back to carriers to deal with the attack, Froat said.
Fleet CyWatch arrives at a time of cascading cyberattacks in multiple industries, including transportation, logistics and shipping. In June, an attack triggered by the NotPetya “worm” malware all but shut down the Danish shipper A.P. Moller-Maersk for two weeks, costing it up to $300 million in lost revenue and briefly closing the largest cargo terminal at the Port of Los Angeles.
As manufacturers and equipment vendors build more sophisticated telematics and connected systems into trucks for electronic logging devices and maintenance, and companies rely on cloud-based platforms for load-matching, analytics and other applications, they become more vulnerable to attacks, Froat said.
The Society of Automotive Engineers J1939 vehicle CAN bus standard adopted by the automotive and heavy-duty truck industry has paved the way for faster communications in the microprocessor controllers that manage data from the engine, transmission and other heavy-duty truck parts. It is also used in fleet management systems. But having communications run on a single standard also makes trucks and connected truck systems more vulnerable, Froat said.
“Truck manufacturers aren’t ignorant of the situation,” Froat said. “If you talk to Navistar or Freightliner, they’ve considered cybersecurity on trucks for years.”
To the best of his knowledge, cyberattacks such as the one that sidelined Maersk or data breaches like the kind Equifax and Yahoo reported in recent weeks haven’t hit connected truck technology outside of university-run experiments to test the system security, Froat said.
But the industry could become a target.
Hackers, for example, might attack connected truck systems to gain street credibility among their peers, Froat said. Or they could attack them seeking ransomware, malware that blocks access to a network until the owner pays some type of ransom. Hackers ask for ransom in cash or untraceable virtual currency such as bitcoin before sending code that returns access to the network back to the owner.
“It’s all about getting money,” he said.