Page 44 - Arkansas Trucking Report Volume 22 Issue 6
P. 44
and weak or legacy passwords,”
Froat said of potential soft spots for
“THE WAKEUP CALL WAS TO SMALL- AND MEDIUM- cyber attacks. “For trucks, [National
SIZE CARRIERS AND BUSINESS OWNERS THAT ARE Highway Transportation and Security
UNAWARE THAT THEIR PERSONAL, DAY-TO-DAY Administration] guidelines and industry
PHISHING EMAILS AND MALWARE ACTIVITY CAN best practices describe connections from
the smartphone Bluetooth, infotain-
AFFECT PHYSICAL SYSTEMS SUCH AS TRUCKS AND ment/telematics, onboard router, and
AUTOMATED LOADING/UNLOADING PROCESSES.” any device that stores or communicates
data physically through onboard con-
—RUSS FROAT, AMERICAN TRUCKING ASSOCIATIONS’ nections are cyber-intrusion vectors.”
DIRECTOR OF ENGINEERING AND IT It is important to know that manu-
facturers, technology suppliers and
service providers have extensive cyberse-
And given the importance of the and medium-size carriers and business curity standards and testing protocols,
trucking industry, and the safe opera- owners that are unaware that their Froat said. But it also important to prac-
tion of its vehicles, to the U.S. economy, personal, day-to-day phishing emails tice personal preventive cybersecurity.
it is vital those systems be protected. and malware activity can affect physical “For one, never wirelessly or physi-
Froat, said the repercussions are systems such as trucks and automated cally connect a device to any part of a
numerous and varied but the worst- loading/unloading processes,” Froat truck system without understanding
case scenarios resulting from major said. “It’s a shame that it did happen to the cyber risks,” he said. “Same goes for
cyberattacks would be, “impacting TNT Express. company networks — you wouldn’t click
freight commerce, U.S. economy, and After WannaCry then Petya — not on a link sent to you from a stranger’s
commuter lockdown/slowing emergency knowing how similar each intrusion email or reply to a random message.
responders.” vector was — it’s important for U.S. Treating the truck as a company asset
Within the transportation indus- fleets to take action in information like your computer. It’s much easier to
try, a summer cyberattack on FedEx’s sharing to prevent it from happening to wirelessly connect to a truck system
European subsidiary TNT caused major anyone else.” without a warning message popping up
disruptions in operations and com- to make you think twice.”
munications. From June 28–Aug. 18 THREAT WATCH Froat said he knew of very few
TNT disruptions meant “meaningful New vehicle technologies, con- attacks directed at motor carriers so
volumes” were lost to competitors, espe- nected systems for electronic logging far. He mentioned a shipper whose
cially in its express/overnight opera- devices and maintenance, as well as payments were misdirected because of
tions, said analyst Thomas Wadewitz in the all-pervasive cloud computing and false orders placed by hackers and noted
a message to clients. its applications within the trucking another instance in which disguised
FedEx put the price tag of the industry, threaten to make carriers hackers took loads from brokers, offered
impact at $300 million and the lost more susceptible to attacks. Froat said the loads to carriers via broker boards,
sales, coupled with other disruptions the susceptibility comes when onboard then took the brokers’ money and never
like those caused by Hurricane Harvey, electronics are connected with outside paid the carriers.
forced FedEx to cut its annual earnings communications that control physical “These are perceived to be the tip of
forecast. systems via computer. the iceberg when the chance of some-
Also in June, worm malware identi- Part of the job for Froat — who got one reporting an issue is less than 5
fied as NotPetya crippled Danish ship- his start as a mechanic with Penske percent of the time,” Froat said. “These
per A.P. Moller-Maersk for two weeks, in Baltimore before embarking on an $100,000 losses happen all the time
costing close to $300 million in lost electrical engineering degree — is to help and never hit the FBI or DHS.”
revenue in an attack that briefly shut develop technology industry members But so far, there are no reports of
down the Port of Los Angeles’ biggest can use to protect themselves from anyone hacking digitally connected
cargo terminal. cyber security threats. trucking systems.
While alarming, Froat said he That means identifying areas where
didn’t think the transportation attacks companies and trucks can be most vul- SECURITY FORCES
were a wakeup call to the larger carri- nerable. The Technology and Maintenance
ers and shippers, who have IT personnel “For the companies themselves, Council, a technical council of the
and cybersecurity prevention methods. it’s weak network security, network ATA, has been recommending volun-
“The wakeup call was to small- singularity, open internet access, tary practices to solve industry issues
44 Issue 6 2017 | ARKANSAS TRUCKING REPORT
