Cyberattacks: the biggest threat to automated trucking

user-gravatar Headshot
Updated Nov 1, 2016

InternetThe expanding network of Internet of Things (IoT) technology is giving motor carriers new options to make equipment and drivers safer and more efficient. With every new device, software application or sensor that connects to the Internet comes added risk, however.

As more information continues to be processed and stored in the cloud, individuals and businesses put themselves at greater risk from cyberattacks.

Awareness of this risk has increased with recent events. On Friday, Oct. 21, a global Internet attack brought down major websites and slowed communications to a crawl. And WikiLeaks has been dominating the news cycle by exposing private email and documents to public scrutiny.

Most recently, WikiLeaks exposed thousands of private email messages sent and received by top operatives in the Hillary Clinton presidential campaign.

A security breach that exposes data belonging to a trucking company may not make a national headline, but it could still be very costly and damaging to all parties involved.

As one example, a cybercriminal might decide to hack into a carrier’s IT systems to obtain freight manifests. Besides planning a load heist, hackers might change a manifest to facilitate smuggling or drug trafficking.

Freight brokers that provide on-demand shipping services could also be victimized by cybercriminals using their websites to steal loads.

The specter of risk will increase as autonomous trucks hit the roads. One can easily imagine a cyberattack disabling or taking over some vehicle controls. Worse yet, what if a hacker installed malicious code in thousands of trucks with a common telematics platform?

The “black box” of telematics platforms connects to the  controller area network (CAN) of trucks, and through the black box malicious code could potentially infiltrate the control units for engine and braking systems, for example.

Telematics platforms can be wirelessly updated over the air, so hackers might coordinate a cyberattack around a scheduled software update to distribute malicious code to thousands of trucks.

otto_budOne company that specializes in IoT systems for transportation is Cisco. It builds end-to-end architectures for IoT systems in aviation, rail and public transit. The company is now developing IoT solutions for customers in manufacturing, trucking, logistics and other supply chain-related industries.

Barry Einsig, Cisco’s global transportation executive, says transportation companies already use “point solutions,” such as asset tracking systems, to increase their controls and security levels.

The problem with point solutions is they leave gaps in security where one network ends and another begins, and “in the end they become single points of failure,” he says.

Mark Botticelli, chief technology officer of fleet mobility provider PeopleNet, says the company’s Connected Fleet platform is designed to share shipment tracking and other data with partners in the supply chain in a secure fashion by exposing appropriate data using application programming interfaces (APIs).

Besides developing a cybersecurity program for PeopleNet, Botticelli belongs to a team of experts that is advising the National Highway Traffic Safety Administration on cybersecurity issues.

While companies may be connected through APIs, a single point of failure, or security breach, at one company can have far-reaching effects for all parties. For this reason, transportation companies have to think beyond their own IoT network perimeter, advises Einsig, as the march towards automated trucking continues.

Automated trucking systems will link manufacturers to distribution facilities, to carriers and to end customers. These systems will automatically identify what is on a truck, where it needs to be routed to, and know when loads will arrive at the next stop to be unloaded by a machine.

To enable this, Einsig believes the transportation industry will be moving towards IoT systems that connect carriers, shippers and supply chain partners through a single IP network.

Botticelli doesn’t see that happening on a broad scale.

Mark Botticelli, chief technology officer of PeopleNetMark Botticelli, chief technology officer of PeopleNet

“I don’t know that having everything on a common network is a possibility,” Botticelli says. “Sharing of data — that is the goal.”

Where a single IP network could be useful is for truck platooning, and Einsig sees Cisco playing a role.

“We are in a very good position to build out the architecture for automated vehicles, and for connected roadways for cities, states, and the national government,” he says.

The first glimpse of what the future of automated trucking will look happened recently. A self-driving truck created by Otto transported a load of beer exit-to-exit with no human intervention, as reported by Jason Cannon in CCJ.

The future of trucking may be exciting, but the path to automation also comes with a greater risk of cyberattacks.