Armor Your Connected Fleet with Cybersecurity Measures

Written by David Cullen on March 1, 2024. Posted in Technology.

Utility fleets are integrating various connected-vehicle technologies that mine data to boost operational efficiency and effectiveness. But leveraging this brave new world of rich data is not without risk.

The more connected a utility’s vehicles and facilities – and the more data they generate – the more likely they are to come under cyberattack, which can result in anything from a mere nuisance to a full-fledged criminal assault that can shut down the entire enterprise.

Image courtesy of Cybersecurity Cedit CISA.GOV DHS

The risk is real and it’s growing relentlessly. On the other hand, once fleets know what they’re up against, they can harden their defenses by implementing cybersecurity measures that are designed to protect their data, vehicles, facilities and overall operation from bad actors.

According to the U.S. Department of Homeland Security, “Cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information.”

And there is ample proof of just how big a threat cybercriminals present to truck operations. Marsh McLennan Agency (www.marshmma.com), a provider of business insurance and other services, stated that per an IBM study, the transportation and trucking industry was the ninth most targeted for cyberattacks in 2022.

Upstream (https://upstream.auto), an international provider of cloud-based cybersecurity detection and response platforms for protecting connected-vehicle data, has stated that cyberattacks against the “smart mobility ecosystem” are increasing in frequency and sophistication.

Into the Depths
For its latest Global Automotive Cybersecurity Report, Upstream’s analysts investigated more than 1,173 incidents, going back to 2010, by monitoring “hundreds of deep and dark web forums” to help uncover key trends driving up the threat level, including the following:

Cybercriminals are behind 63% of cyber incidents. “The massive amounts of data, [personally identifiable information], and access points to vehicles open the door for black-hat actors to new monetization potential.” Smart-mobility APIs present a new and significant risk as they “open the door to new attack vectors.”
Electric vehicle charging may dramatically change the way vehicles are protected. An “ever-changing attack landscape has led to the emergence of a new attack vector that will be at the core of smart-mobility EV charging infrastructure, which now accounts for 4% of total incidents.”
Data-sharing in the tainted depths of the internet “dramatically increased during 2022 and requires action by the entire supply chain.” That year, Upstream found a 35% year-over-year increase in “information sharing among threat actors on deep and dark web sources and platforms.” Specifically, automotive-related searches and the proliferation of knowledge on attack techniques “revealed an increase in attack methods and available access points to connected vehicles.”
Regulators are drafting approaches to automotive cybersecurity regulations. As fleet-wide attacks targeting sensitive data and EV charging infrastructure rise, “next-generation regulations will focus on protecting sensitive data and EV charging infrastructure.”

Upstream summed up the rising threat to connected fleets by pointing out that the “proliferation of mobility applications and access to massive amounts of data present malicious threat actors with tremendous opportunities for financial gain. Fleet-wide attacks are expected to increase across the entire mobility ecosystem.”

The Connected Risk
Cyber specialists at Marsh McLennan Agency advised that the risk of attacks rises as fleets become more connected. Now that communications, billing and logistics can be integrated via single database systems, cybercriminals have a greater chance of disrupting a business and its supply chain in a single targeted attack.

The types of attacks deployed range widely. They could be phishing scams that target employees by posing as legitimate third parties or as actual employees, or they could breach security systems to insert ransomware and malware to gain access to confidential data, according to Marsh McLennan Agency.

Marsh McLennan Agency’s best practices to thwart cyberattacks on connected fleets include the following:

Deploy software designed to detect and flag suspicious emails.
To the extent possible, separate critical vehicle function systems – such as the controller area network bus – from any internet-connected components.
Employ penetration testers to assess the likelihood of a malicious actor affecting the functionality of fleet vehicles.
Verify cybersecurity practices of third parties before doing business with them.
Sanitize data input to decrease the risk of SQLi attacks. (Per web-security firm PortSwigger (https://portswigger.net): SQL injection, or SQLi, is a “web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. This can allow an attacker to view data that they are not normally able to retrieve.”)
Implement a robust patch management program.
Secure remote desktop protocol ports and use multifactor authentication to defend against remote attacks and credential hacking.
Enable encryption for Wi-Fi-connected networks, perform signal audits to ensure signals are not visible outside the network perimeter, and deploy rogue access point detection to block unauthorized access points.
Test and encrypt backups to avoid business income losses.

Image courtesy of Bruckners Truck and Equipment Volvo Trucks North America

Worry Points
In its latest business-risk index study, mega insurance firm Travelers (www.travelers.com) again ranks cyberthreats as one of the top three business concerns of 12,000 survey participants from companies of all sizes. The 2023 national survey found that among those asked, 58% said they worry some or a great deal about cybercrime, ranking it just behind medical cost inflation (60%) and broad economic uncertainty (59%).

“Cyber risks have extremely serious consequences – one attack can weaken an organization or potentially put it out of business,” said Tim Francis, enterprise cyber lead at Travelers. “Fortunately, there are effective measures that companies can take to address vulnerabilities and successfully manage through a cyber event.”

While Francis said survey respondents expressed confidence that their company had implemented best cyber practices, their responses did not reflect that assessment. At least 25% of the businesses have not taken essential steps, such as installing firewall or virus protection and implementing data backup and password updates. A much larger percentage said they don’t use endpoint detection and response (64%); conduct cyber assessments for vendors (57%) or customers’ assets (56%); have an incident response plan (50%); or utilize multifactor authentication for remote access (44%).

Francis stressed that the survey results show that more can still be done to harden systems against cyberattacks. “A well-designed, multilayered cybersecurity program can help mitigate the threat of a cyber event,” he said.

Cybercrime is not going away, not when connected fleets offer such a tempting target to hordes of unseen yet vicious assailants. To increase a fleet’s cybersecurity, first assess how vulnerable your systems and facilities are, including charging stations. Then, train your staff on the risks and seek out solutions to best button up your data, systems and vehicles for maximum protection.

About the Author: David Cullen is an award-winning journalist who specializes in covering the trucking industry. Based in Connecticut, he writes for several business publications.

wp-content/uploads/2024/03/Vol14-Issue1-UFP.jpg

MARCH 2024

Featured

David Cullen

David Cullen is an award-winning journalist who specializes in covering the trucking industry. Based in Connecticut, he writes for several business publications.