Cybercriminals Target Internet-Connected Truck Fleets
WHY THIS MATTERS
The positive impacts of connected trucks include improved communication with drivers, route and delivery monitoring, lower fuel emissions, vehicle safety, and road safety.
As with Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices, hackers are attracted to any product connected to the internet. Why? Data.
This new enabling technology in vehicles creates a growing attack surface that allows hackers to exploit vulnerabilities to steal, disclose, and sell your data.
Attackers no longer need physical access to a vehicle to take control.
This new normal for connected truck fleets is a shift in focus and mindset from the physical security of the vehicle and cargo to the physical safety of the driver and the protection of the driver’s PII, as well as the company’s sensitive customer information or intellectual property.
The Modern Connected-Vehicle Era
Statista reported in 2020 that there are over one billion motor vehicles in use worldwide. In 2019, worldwide sales of connected cars with embedded telematics hit 28.5 million units.
Vehicle manufacturers have introduced new features that improve safety, convenience, and efficiency. In the process, they digitize processes that were previously mechanical and introduce external communication ports and internet connections to machines that previously operated in isolation.
How can fleet managers and IT professionals limit the risks associated with modern vehicles?
Although researchers have not found documented cases of physical harm to vehicle occupants through cyberattacks, they have demonstrated ways to take control of vehicle functionality through infotainment systems and unsecured telematics devices, and to stop vehicles from charging on electric vehicle supply equipment (EVSE).
The study of cyber vulnerabilities in connected vehicles is ongoing.
The Impact of COVID-19 on Transportation and Logistics
During the pandemic, cyberattacks have increased:
The latest report from Mimecast points out that the spread of COVID-19 has created many new opportunities for cybercriminals.
The report states that the monthly volume of all detection categories increased significantly between January and the end of March 2020:
- Spam/opportunistic detections increased by 26.3%
- Impersonation detections increased by 30.3%
- Malware detections increased by 35.16%
- Blocking of URL clicks increased by 55.8%
Unfortunately, transportation and logistics were among the top three sectors targeted throughout the first 100 days of the pandemic.
Mimecast also points out that two of the technologies most vulnerable to attacks -- 5G and IoT -- will be critical to the transportation industry.
Federal Fleet Managers Beware of Cyber Risks
The Federal Energy Management Program (FEMP) has developed resources to help fleet managers and information technology teams plan for modern vehicles' emerging cybersecurity vulnerabilities. As vehicles become safer overall, the dangers change from distracted drivers to privacy intrusion and compromised operation.
To help federal agencies understand the cyber-related physical threats to modern vehicles, FEMP adopted recommendations from a report by the National Renewable Energy Laboratory (NREL) entitled: Vehicle Cybersecurity Threats and Mitigation Approaches.
The report concludes that many of the features discussed (including connected and automated vehicles, telematics systems, and electric vehicle supply equipment (EVSE)) ultimately make vehicles safer and more efficient. Nevertheless, fleet managers should work with their information technology and contracting colleagues to mitigate incidental risks created.
Also, general mitigation efforts should include security practices like encrypted communications that apply to any equipment communicating over a cellular or wireless network and specific procurement recommendations that are particularly relevant to motor vehicles.
Security Researchers Tested the Jeep Cherokee
In 2015, Wired covered a story about how hackers remotely took control of a 2014 Jeep Cherokee on the highway from a laptop miles away, with a willing reporter inside the vehicle. They proved they could infiltrate the car and control its windshield wipers, climate system, radio, brakes, steering, and transmission. The point: to show industry-wide cyber vulnerability. The result: Chrysler recalled 1.4 million vehicles.
In 2016, after sparking the 1.4 million vehicle Chrysler recall, the same security researchers returned to conduct a new test – again reported in Wired.
Unlike the last hack, the researchers could not perform the new attacks over the internet, only with a laptop directly plugged into the Jeep's CAN network via a port under its dashboard.
Thankfully, their previous work helped Chrysler create a security update to fix the flaw that gave them their earlier, remote access to the Jeep's guts. However, this hack could still be possible on patched Jeeps like the one they tested, which is the point.
The full consequences of a digital attack on cars or trucks without that patch could be much worse – a full-speed attack on the Jeep's steering and acceleration via the internal network known as a CAN bus. The next time sophisticated hackers find a wireless foothold on a vehicle's network, the result could be a fatality.
International Hacking is Real
Because of worldwide internet connectivity, hackers do not need to be nearby to disrupt your steering, navigation system, or vehicle control. As noted in the Detroit Free Press, vehicles are essentially computers on wheels.
Automakers in Detroit, Germany, France, China, and Japan are aggressively working to monitor technology protections in private cars, trucks, and SUVs connected to the internet for multiple functions (some with the security status of computers in the 1980s).
Stand-Alone Cyber Insurance
An investment in Stand-Alone Cyber Insurance is an investment in your financial survival after a cyber loss.
- Bodily Injury and Property Damage – if someone suffers physical injury due to a security breach or failure, some carriers provide coverage for this third-party loss.
- Ransom payments – if you incur cyber extortion-related expenses, such as the cost of hiring a security expert to advise you on how to respond to a threat, negotiating, or making the ransom payment.
- Business interruption – if you lose business income during the cyber event (after a brief waiting period and during a restoration period), including the policyholder's net profits before taxes and extra expenses incurred during your computer network's shutdown, including payroll.
- Data recovery or restoration – if you lose programs, software, or data due to damage, disruption, theft, or misuse of your data.
- Incident response team – if you incur costs associated with an incident response plan and the team to support you during a cyber incident.
- Employee training tools – if you are looking for proactive action steps to increase loss prevention (phishing email awareness training).
Are your employees taking action steps to avoid cyberattacks from internet-connected technology?
- Cyber risk awareness without action will not protect your data.
- Holistic cyber risk management includes cyber insurance for those times when your employees override your cybersecurity measures.
- Your business will do well to reach out to a specialist cyber insurance broker to help you acquire a Stand-Alone Cyber Insurance policy suited to your risk tolerance level.
Reach out to Cyber Armada Insurance to assist you with your Stand-Alone Cyber Insurance needs. We understand the evolving cyber risks and the importance of your investment in appropriate cyber insurance.
Contact Cyber Armada today to explore how your company can solve potential financial losses from a cyberattack. Contact us at 888.727.6232.
Watch for future articles where we explore 5G and IoT cyber risks.