Photo: Nahel Abdul Hadi/Unsplash
Hacker Skull Nahel Abdul Hadi Unsplash 5ea9e7442c92b

Cargo fleets and the looming threat of ransomware

May 6, 2020
For hackers, any system with Wi-Fi, Bluetooth, GPS, or Internet connectivity – including federally-mandated electronic logging devices (ELDs) for trucking and transportation fleets – represents an enticing entry point for attack.

By Moshe Shlisel, CEO and co-founder of GuardKnox

Today’s cargo fleets are integrating more and more connected technologies, bringing substantial improvements in performance. But greater connectivity also means greater vulnerability to cyber attacks — a serious threat even in boom times. Amid the current coronavirus pandemic and a sharp global economic downturn, it’s now more important than ever that essential goods like medical supplies and food reach their intended destinations free of malicious disruptions.

For hackers, any system with Wi-Fi, Bluetooth, GPS, or internet connectivity – including federally-mandated electronic logging devices (ELDs) for trucking and transportation fleets – represents an enticing entry point for attack.

And it can work two ways. First, vehicles can be directly hacked through their internal communication networks, enabling hackers to take control of the one vehicle and the vehicle can serve as a gateway into the fleet company’s IT system itself.

Alternatively, hackers can enter through fleet companies’ IT systems and ultimately penetrate vehicles within the fleet. By gaining access to these systems, hackers can inject harmful ransomware devastating enough to paralyze entire fleets.

To protect the safety of fleets’ cargo and to avoid financial ramifications, it’s imperative that OEMs ensure that they implement robust cybersecurity protection. Now more than ever, people’s lives and livelihoods hang in the balance.

Ransomware and safety-critical systems

Ransomware can prove highly lucrative for hackers – and highly damaging to networks and fleet operators that experience such an attack. The NotPetya ransomware attack, linked to a group of Russian military hackers, is perhaps the most potent example of the havoc these attacks can wreak: Victims received ransom messages requesting payment if they wanted to unlock their files, but all computer files were encrypted anyway, with some completely erased. This particular attack cost FedEx’s TNT courier delivery service nearly £221 million, impacting both deliveries and sales.

More prominently, the 2017 WannaCry cyber attack disabled computers across the globe, with North Korea-linked hackers demanding locked-out users pay ransom in Bitcoin. In the United Kingdom alone, the attack shut down computers across the nation’s hospitals and cost the National Health Service £92 million. Crucially, hackers penetrated below the level of IT-based cyber solutions, via a zero-day vulnerability found in out-of-date operating systems, highlighting the need for connected devices to be secure by design.

The implications of a similar attack on cargo fleets would be grave – particularly given how many safety-critical systems, whose malfunction could result in death or injury to the driver, are internet connected. By 2022, two in three new vehicles in the United States will have connected safety-critical systems. Ransomware attacks on these systems – among which include brakes, steering wheels, and airbags – can stop entire fleets of vehicles from functioning or even bring them to a halt on the highways, potentially causing significant casualties. Massive supply-chain chaos would financially harm fleet operators, as well as potentially cause billions of dollars of economic damage.

Understanding ransomware

How might hackers go about executing such an attack? They’d start by obtaining a small set of target vehicles on which to practice. Hackers would then create a primary malware for infiltrating the vehicles (or fleet IT network), perhaps with the aid of a social engineering attack in which they gain access to sensitive information through malicious (if seemingly legitimate) emails. Their next order of business is finding a mechanism for actually infecting vehicles with the malware, via an over-the-air (OTA) update or through a physical connection, for instance. 

Malware – either the primary malware or some secondary malware it has spawned – then targets the vehicle’s ECU. Executed across an entire connected fleet, the ramifications could be catastrophic. 

Even the less calamitous possibilities are troubling to contemplate. Say hackers successfully extort a ransom payment: It’s possible they may simply pocket the payment and allow the attack to proceed anyway – but even if they unlock the vehicles, fleet owners will still have paid a substantial sum, likely in cryptocurrency payments that authorities won’t be able to trace.

What’s at stake for fleet owners

The financial costs to business go beyond any payments lost to hackers and not covered by insurance. If a shipping company has its fleet disrupted by a cyber attack, the company will experience substantial downtime between the onset of an attack and its resolution – and for many businesses, as well as the economy, downtime can prove devastating. In some cases, paying the ransom will be cheaper than going through the necessary steps to remove the ransomware, which could take weeks. 

The risk isn’t merely theoretical. After the Australian Toll Group fleet operator was struck by a ransomware attack earlier this year, it took six weeks before deliveries and core services were returned to normal operating capabilities.

That attack came on the heels of a 2019 ransomware attack targeting Pennsylvania-based trucking company A.Duie Pyle; it took days before the company was back online, and once systems were restored, the company had to rebuild all its applications. And while the financial cost was never disclosed, it’s clear that the fleet operator, their customers and others in the economic shipping chain, were hurt financially. 

To avoid a hit to business – or worse – fleet owners need cybersecurity solutions that can be implemented across their entire fleets during production as well as in the aftermarket. Because a fleet is only as secure as its least secure vehicle, it’s essential that each and every vehicle in the fleet is cyber-secure. For automakers to safeguard vehicles against ransomware threats, security-by-design must be the fundamental principle underpinning every aspect of the vehicle; more importantly, for models already on the road, aftermarket solutions are necessary for all fleet vehicles. Fortunately, for manufacturers, solutions currently exist that can be easily retrofitted to existing trucks at minimal costs. 

By providing ongoing monitoring of all messages transmitted in the vehicle network, an automotive cybersecurity solution can guard against both known and unknown threats, preventing infiltrations.

In this increasingly connected age, it’s inevitable that virtually every organization will face a hacking attempt – and for hackers looking to maximize their impact, cargo fleets represent prime targets. Only by fortifying each vehicle in their fleet against this threat can fleet owners stop hackers in their tracks.

Voice your opinion!

To join the conversation, and become an exclusive member of FleetOwner, create an account today!

Sponsored Recommendations

Optimizing your fleet safety program using AI

Learn how AI supports fleet safety programs with tools for compliance monitoring, driver coaching and incident analysis to reduce risks and improve efficiency.

Mitigate Risk with Data from Route Scores

Route Scores help fleets navigate the risk factors they encounter in the lanes they travel, helping to keep costs down.

Uniting for Bold Solutions to Tackle Transportation’s Biggest Challenges

Over 300 leaders in transportation, logistics, and distribution gathered at Ignite 2024. From new products to innovative solutions, Ignite highlighted the importance of strong...

Seasonal Strategies for Maintaining a Safe & Efficient Fleet Year-Round

Prepare your fleet for every season! From winterizing vehicles to summer heat safety, our eBook covers essential strategies for year-round fleet safety. Download now to reduce...