Fending Off a Cyberattack

What Does It Actually Look Like and How to Combat It?
Cybersecurity illustration
Getty Images

[Find the latest in equipment & maintenance: Explore this quarter's issue of Calibrate]

For this new year, there are plenty of concerns fleet managers have about the future of trucking maintenance. However, an emerging problem has been the danger of cyberattacks. Once a method of stealing user and financial information, hacking into a company and organization has evolved into a tool used by criminals to hold entities hostage via the capturing of sensitive information detrimental to a company’s success and well-being.

Featured in our Transport Topics podcast, RoadSigns, we spoke with Mark Zachos, president of vehicle solutions firm DG Technologies, about what that threat looks like. Here are some of the highlights of our conversation:

‘Cyberbullets’

Zachos explained that, for most companies, protection is concentrated on the server side — mainly administrative functions. However, the maintenance area has become a bountiful playground for cyberattacks. On the importance of cybersecurity, Zachos says delicate information is worth its weight in gold for the bad guys.



“If you’re running a commercial vehicle and that company that owns the vehicle, the data is theirs. However, that information is still valuable to the threats that are out there, the threats that are coming either from criminals, from people just trying to have fun, or phone-hacking into your equipment.

“Then there’s also the overseas threats that are coming from Russia and other countries. It’s an attack on our country. It’s an attack on a logistical system or attack on our infrastructure, just like they’re shooting bullets over in Ukraine. There’s certainly a threat of these cyberbullets coming from the bad guys and hitting us and knocking down our equipment, knocking down our logistics, making it hard for the country to function. Maybe not necessarily for ransomware. They just state that they want to hurt the United States.”

Chaos for Monetary Gain

As the threats from cybercriminals grow more complex, Zachos contended that the intentions usually still remain simple: money.

“It actually brings about financial rewards for those criminals. So, what they’re trying to do is to give you a hard time. ‘Unless you send me Bitcoin, I’m going to keep doing this.’ The typical attack on a fleet goes after their data in their server. It has information about the vehicle and individuals. [They collect personal and business information.]

“They take that and lock it up encrypted, and then they ransom it back to you. Now, sometimes you get it back, sometimes you don’t. But I never recommend paying ransom. Sometimes you feel compelled to. Still, the bad guys have your data and what they then do is go out to what is called the darknet and they sell it there. They get a credit card number or Social Security number for $1. They’re making money and then the next guy comes along, and says, ‘Oh, I’ll buy that off the darknet and I can create another attack.’ So very often, there’s repeated attacks on companies.”

How to Detect an Attack

At American Trucking Associations’ Technology & Maintenance Council Fall Meeting, cybersecurity was a category in the SuperTech skills competition. It tested technicians’ skill in properly recognizing and handling such threats. Zachos, used as a consultant in the skills challenge, noted that trucking companies have experienced such real problems in terms of repair and maintenance of sensors, ECUs and wiring. He received notable feedback from the SuperTech experience.

Image
Mark Zachos

Zachos 

“I’ve been asked “Hey Mark, how do you know that was a cyberattack? I’ve seen that condition before that you describe, and it was a bad fuel sensor. I just replace the sensor.’ I say, ‘No, it’s not a bad sensor. I actually injected a cyberfault in there.’ So, how do you tell the difference between a conventional fault and a cyberfault, and the honest answer is, it’s very difficult. What we really want to do is to raise awareness and have people recognize it. There could be some conditions that are kind of curious. Should I report that there’s something happening on this truck? Or did something happen on the laptop that I use to talk to that truck? The telematics doesn’t jive with the communications coming off their unit. These are curious markers that there could be a cyberattack.

“These attacks that we’re talking about, these are not invented overnight. These are threats that a lot of times they’re replayed over and over again. It goes from one group of attackers to the next one. You know, the criminals are all over that. They’re not very creative. They’re pretty lazy. The bad guys learn from each other, too.”

Filling the Enthusiasm Gap

One point of frustration, Zachos noticed, was the lack of attention for the subject of cybersecurity. With the enthusiasm for electric and autonomous vehicles, there hasn’t been much spark for this new threat to the industry.

“It’s interesting. There’s not a vibe going around in the room. There’s not like a, ‘Yeah! We got to do this cybersecurity.’ It’s important. But how do you catch on? Maybe we need to do some war gaming where we actually get across to the community and show what really can happen and how bad can it get and game it out. Then maybe you can get some of that enthusiasm and get some momentum built. The threats are definitely out there. I just don’t think we’re taking it as seriously as we can. We should do everything that we possibly can to train people and to stand up our guard as high as possible.

Host Seth Clevenger speaks with autonomous vehicle pioneer Don Burnette about the pros and cons of driverless cars and trucks. Hear the program above and at RoadSigns.TTNews.com

Third of a three-part series on autonomous vehicles. Hear Part I here, and Part II here.

“I would say one thing that people ought to look into is what we did during the ­SuperTech competition. There were some that were very good and some that didn’t do good at all. And then there were a lot in between. Do you have that skill in the people that do the maintenance? Your maintenance operation needs to get trained and recognize that threat, and gain the skills that are needed to protect your company or your organization against that threat.”

Future Ahead

Zachos said he is currently working toward crafting cybersecurity recommended practices for the TMC Annual Meeting in February.

“I think it would be useful if we get them reviewed and send them on to the organization for balloting. The contract considerations are one thing. So it’s an idea that when you’re buying new equipment, be it a truck, computer, here are the things that you ought to do in the acquisition process to maybe have your vendors be aware of. Because it’s just not starting within you. There’s the supply chain all the way down to the computer chip level. It’s having that control and understanding where you are getting your chips. Sometimes those chips are counterfeit and sometimes, they do have viruses or something implanted. There are legitimate cases of that.

Want more news? Listen to today's daily briefing above or go here for more info

“This is a supply chain issue. You have to have trust down to the lowest level of vendor. You have to trust that they have good cybersecurity practices. You may recall the Colonial Pipeline hack that occurred recently. There was a breach in one of the computers that was controlling the pipeline and controlling some of their operations. And in terms of how that affected the end customers, the hackers shut the pipeline down. They were not getting fuel and couldn’t deliver the fuel. There was a big chain there. So, my point there is that the chain of custody just doesn’t stop in your shop. It has to go all the way through your operations and then to talk to your vendors and to their suppliers as well.”