The threat of cyberattacks on the trucking industry is serious, especially when you consider how quickly the industry is catching up after years of being behind the times on digitization. That’s why the National Motor Freight Traffic Association (NMFTA)™ has been so vigilant in recent years about researching, reporting, and offering guidance to the industry on the nature of current trends.
In October 2023, we held our annual Digital Solutions Conference on Cybersecurity, which brought together the nation’s leading experts from the transportation, security, and law enforcement communities to get everyone up to speed on the latest. They left that gathering in Houston, TX as current as anyone in the nation about the threats – and preventive strategies – to cybersecurity in trucking.
And as we look to 2024, we have to acknowledge something: If all you know is what we told you in 2023, you don’t know much.
That’s because no matter how comprehensive a job we do at presenting the reality of cyberthreats to the industry, they change in an instant. It’s the nature of a realm that combines quickly moving technology with bad guys who are constantly innovating.
They read our blogs, too. They read our columns in CCJ. They know exactly what we’ve figured out about how to stop them. So, they’re working on the next generation of ransomware attacks, phishing schemes, and denial-of-service attacks. They’re devising ways to use AI to generate deceptions and worm their way into enterprise systems. And they’re investing in new technology to help them do it all.
This is the nature of cyberthreats. They constantly evolve and become more challenging. So, it’s not enough to rest on what we shared with the industry last year. And there are nine months until our next cybersecurity conference.
That’s why NMFTA has written and released its 2024 Trucking Cybersecurity Trends Report. We are urging everyone in the trucking industry to read it.
The report not only brings readers up to speed on what’s happened in recent months, it also looks ahead at what’s expected in areas like API security, phishing, and direct threats to trucks. We also summarize the expectations of other organizations who watch this space closely, including WatchGuard, Forrester, Gartner, and Trend Micro.
Some of what they see includes:
· Stepped-up attacks using AI
· A rise in the use of deep fakes to trick people into clicking links and opening attachments
· Cyberattacks on elections, including voter data and election misinformation
· Targeting of space-based infrastructure, including the satellites the industry uses every day for things like global positioning
· New threats to cloud-based data
· Supply chain attacks on developers using software package managers
· New uses of the blockchain by cyberattackers
There is really nothing on the cybersecurity agenda that isn’t top priority. Trucking companies need to keep up on patches, implement multi-factor authentication (MFA), prepare business continuity plans, run penetration testing, review their cybersecurity insurance–it’s all critical.
But if there’s one thing that might qualify as first among equals, it’s the training of employees to be able to spot cyberattacks.
One of the most common methods hackers use to get into a company’s enterprise system is Business Email Compromise (BEC). It’s primitive as cyberthreats go but it works. Hackers try to convince you they are someone you trust, or that they’ve got an action you need to take right away. They use clever tricks like slightly disguised fake domains or claims of a banking snafu that needs to be resolved right away.
The diligent employee, who doesn’t want to let a problem linger or be unresponsive to an important person, clicks without thinking. And the hacker is in.
Sometimes it’s even more rudimentary than that. Hackers have been known to penetrate enterprise systems by leaving a thumb drive lying around just where an employee might find it. The employee picks it up, figuring one of his or her colleagues dropped it, and sticks it into a USB port just to find out what it is.
Boom. The hacker is in. It can happen that quickly.
And that’s before the advance of AI, or of deep fakes to make you think your CEO has sent you a video giving you critical instructions you need to follow. This is how clever these attacks are getting, and they advance constantly. Two months from now we’ll probably be using this space to tell you about something new.
So, the 2024 Trucking Cybersecurity Trends Report is yours for the taking. Download it today and review it with your team.
No trucking company can be overprepared for a threat like this, which is constantly changing and has the potential to cripple or bankrupt any company in the industry.
We all need to come together in the quest for cybersecurity. We can compete on the road, and we should, but in cyberspace we need to be united as an industry to beat back the people who would take us all down.
NMFTA, in partnership with everyone in the industry, refuses to let that happen.
Just Announced: The NMFTA Cybersecurity Conference will be held October 27-29 in Cleveland, OH. Make plans today to join colleagues for this can’t-miss event. Learn more at www.nmftacyber.com.
Joe Ohr is chief operating officer of the National Motor Freight Traffic Association.