Trucking’s two biggest cybersecurity threats today

Once a hacker accesses a vital system for fleet operations, the cybercriminal can steal sensitive data or lock down the system altogether.

The best defense against a cyberattack is to prevent access. The two main ways that attackers gain access to fleets’ systems are through phishing or API vulnerabilities—so it is essential to know how both attacks work and what fleets can do to prevent them.

Phishing

Phishing is a scam in which attackers pretend to be from a reputable or legitimate organization through an email or other messaging system. Nearly anyone with a cellphone or email account has encountered phishing attempts.

The scam aims to trick victims into clicking a suspicious link, opening a dangerous file, leaking sensitive information, or providing money. Employees who click the phishing hyperlink, open a malware file, or provide login credentials can unintentionally allow attackers to access a fleet’s critical systems.

“It is something that is easy for a hacker to deploy at mass,” Joe Ohr, COO at NMFTA told FleetOwner. “They can send an email to millions within minutes and impact small to large truck companies.”

Attackers can send millions of emails quickly but only need one key victim to infiltrate a system. Someone with privileged access to a sensitive database could have only a momentary lapse in judgment for a phishing attack to be successful.

“Phishing also targets the users within the company that are most vulnerable to deception because they are busy with their day-to-day tasks and security may not be at the forefront of their mind,” Cara Walls, director of cybersecurity at NMFTA, told FleetOwner.

The best way to prevent successful phishing attacks is to limit privileged access and ensure personnel know how to identify the scam.

See also: Protect your fleet from cyber risks

During NMFTA’s panel Cyber Security in Trucking Today at Truckload 2024 in Nashville, Adam Abresch, EVP of cyber solutions at Acrisure, recommended dedicated cybersecurity training for employees accessing emails.

“Empower those folks within your organization to know what to be on the lookout for, to know what to click on, what not to click on, the actions to take if they think that there’s something suspicious,” Abresch said. “A lot of people want to do the right thing in cybersecurity, but they don’t necessarily know what that is all the time.”

This can include cybersecurity training modules or phishing campaigns. By simulating phishing attacks, employees can be better trained to identify the scam.

API vulnerability

An API, or application programming interface, is a way that any two programs can communicate.

“APIs form the backbone of modern IT services,” Walls told FleetOwner. “As the trucking industry embraces better and faster technologies (such as cloud, microservices, etc.) that are well suited to volume variability and other industry needs, API security becomes more important.”

APIs are also a significant entryway for attackers to access the involved programs.

“Almost all trucking companies use APIs to exchange data. APIs are how they get and receive data,” Ohr told FleetOwner. “Although you may have the strongest security in the world, you are only as strong as your weakest link, which in many cases is a third-party vendor you connect to via an API.”

See also: NMFTA demonstrates how hackers can disable trucks and trailers

For APIs that connect to third-party vendors, vulnerabilities can be a scary concept; a fleet might have almost no control over how the API works. However, one of the most effective ways to prevent API vulnerabilities is actually directly within fleets’ hands: keeping up with patches.

“A lot of attacks happen through not updated firmware, hardware, OS, and databases,” Ohr said. “It is important to do monthly patching as, when these patches come out, the hackers also become aware of these vulnerabilities if they were not already aware.”

Once a hacker knows about an API vulnerability, they can send millions of malicious network requests across countless machines and systems in hopes of exploiting the vulnerability—wherever it may be found. Fleets of any size can be victims of a cyberattack if they happen to use the wrong API version at the wrong time.

“Patch, patch patch … Please patch your systems,” James Crawford, the Cybersecurity and Infrastructure Security Agency’s cyber security coordinator for the State of Tennessee, said during the NMFTA cybersecurity panel at Truckload 2024. “Don’t push it off to the next day, don’t push it off until three days later because it’s inconvenient. Because, by that time, it’s probably too late."