Internet pirates can shut down a carrier’s entire operation in a matter of minutes from thousands of miles away, and these incidents aren’t just isolated to back-office systems. Technology has granted sophisticated attackers a means into the truck itself.
Fleet Defender CEO and Founder Terry Reinert joins the 10-44 this week, and while it sounds like something out of The Fast and Furious, he says capabilities exist for cyber attackers to hijack a rig while it’s rolling down the road with the driver inside.
Contents of this video
00:00 Hacking trucks
02:19 Taking control of the truck
04:49 Who’s hacking trucks?
05:32 Indicators of compromise
06:41 Organized crime
08:03 Wide mix of cyber threats
09:13 Ways to protect your truck
Speaker 1 (00:00):
This week's 10-44 is brought to you by Chevron Delo 600 ADF ultra low ash diesel engine oil. It's time to Kick Some Ash.
Jason Cannon (00:09):
Flat tires, fault codes, and now being hacked. These are the hazards of the new age highway.
Speaker 1 (00:15):
You're watching CCJ's 10-44, a weekly webisode that brings you the latest trucking industry news and updates from the editors of CCJ. Don't forget to subscribe and hit the bell for notifications, so you'll never miss an installment of 10-44.
Jason Cannon (00:29):
Hey, everybody, welcome back. I'm Jason Cannon and my co-host on the other side, as always, is Matt Cole. Hacking and cyber attacks are faceless strong-arm robberies. Internet pirates can shut down a carrier's entire operation in a matter of minutes from thousands of miles away, but these incidents aren't isolated just to back-office systems. Technology has granted sophisticated attackers a means into the truck itself.
Matt Cole (00:53):
All the new technology and connectivity within vehicles like tractor trailers not only makes vehicles smarter and improves efficiency, but it's also a new attack vector for cyber criminals.
Jason Cannon (01:04):
Fleet Defender CEO and founder, Terry Reinert, joins the 10-44 this week. And while it sounds something like out of the Fast and Furious, he says the capabilities exist for cyber attackers to hijack a rig while it's rolling down the road with the driver inside.
Terry Reinert (01:19):
So if you've got a satellite terminal, if you've got cellular modems, from part of your telematics, your ELD, or whatever else, so there's different vectors in there. Even some of the more modern trucks, they've got upwards of seven or eight different wireless connectivity to the vehicle itself. But there's other really interesting attack vectors against vehicles. Like the National Motor Freight Trucking Association, they released information about eight months ago on a vulnerability that would allow anybody with a small little software-defined radio, probably cost like 50 bucks down at the store, and an antenna, they could point the antenna at the truck, send the right RF signal, like the radio frequency signal, at the truck. And it would put diagnostic messages on the trailer network and lock the brakes of the trailer. So even without even having to touch the truck, they can have very devastating effects on the vehicle itself. And then of course, if they have physical access to the truck, then they can do a whole lot more.
Matt Cole (02:19):
The driver provides some measure of protection from an attack because the cyber criminals lose their anonymity and the driver can either attempt to stop it or call the police, but it's really a race, Terry said, to see who can control the situation first, the good guy or the bad guy.
Terry Reinert (02:34):
Think about it. I mean, even with somebody in the truck, if they lose control of the truck, that could be pretty devastating. And if you lose control of the ability to brake, if you lose control of ... On other types of commercial vehicles and consumer vehicles, power steering is no longer pneumatic. It's now actually just a big motor sitting at the end of the steering column that assists the driver and that's driver steering. And so you've got a power steering control module, that if an attacker happens to hit it with the right kind of malware, they could take control and affect the steering of the vehicle as well. And so before the vehicle could even come to a safe stop, hackers could potentially affect the ability of the driver to bring it to a safe stop.
Jason Cannon (03:18):
A cybersecurity breach on back-office systems is almost always a ransomware play where attackers cripple a trucking company until they pay the hackers a large sum of money to turn back over access to the business systems. By breaching the truck itself, Terry said cyber criminals have more options and he tells us what those options are, after a word from 10-44 sponsor, Chevron Lubricants
Speaker 1 (03:41):
Protecting your diesel engine and its after-treatment system has traditionally been a double-edged sword. The same engine oil that is so essential to protecting your engine's internal parts is also responsible for 90% of the ash that is clogging up your DPF and upping your fuel and maintenance costs. Outdated industry thinking still sees a trade-off between engine and emission system protection, and Chevron was tired of it. So they spent a decade of R&D developing a no compromised formulation. Chevron Lubricants developed a new ultra-low ash diesel engine oil that is specifically designed to combat DPF ash clogging. Delo 600 ADF with OMNIMAX technology cuts sulfate ash by whopping 60%, which reduces the rate of DPF clogging and extends DPF service life by two and a half times.
(04:25):
And just think what you can do with all the MPGs you're going to add from cutting your number of regens. But Delo 600 ADF isn't just about after treatment. It provides complete protection, extending drain intervals by preventing oil breakdown. Before you had to choose between protecting your engine or your after treatment system, and now you don't. 600 ADF from Delo with OMNIMAX technology, it's time to Kick Some Ash.
Terry Reinert (04:48):
So it really depends on who's doing it right. So you've got specific organized crime, international organized crime groups, that they're behind most of the ransomware. Yes, that's what their play would be, is extorting ransom from companies. You've got actual nation states that would be interested in harming the economy of Western civilizations, United States, European Union, Canada, those types of things. So it could even be even at the nation, state level looking to harm economies and looking to delay responses from Western militaries to aggression or around the globe. So we're tracking and working with the government on a lot of these different threat actors, what they're doing and why they're doing it.
Jason Cannon (05:32):
As Hollywood as this all sounds, Terry says it's actually happening right now.
Terry Reinert (05:36):
There are what we call indicators of compromise and we have seen indicators of compromise on vehicles. It is still kind of in this emerging state. There's a lot more obviously details being collected by governments, but we've seen some things hit the news. For example, heavy-duty vehicles, Class 8 trucks and things like that, are very similar in nature, architecture and design to tractors and combines. They're all just smart connected vehicles. They all run some flavor of CAN bus, whether it's J1939 or this or that. And with the war between Russia and the Ukraine, the Russians stole a bunch of John Deere tractors and then Ukrainian hackers actually bricked, erased the firmware, basically a ransomware attack, very similar in technique, remotely. And so now Russia has a bunch of tractors that don't work. And so that just kind of proves, like, "Okay, this mobility sector, all transportation, whether it's construction and mining, logistics, ag tech, whatever, these vehicles are vulnerable to those types of attacks."
(06:42):
It really depends on who the threat actor is that's doing it. We are seeing a lot more vehicle tracking and theft by organized crime, specifically up in the New York, New Jersey area. So that's starting to become more widespread. I mean, you've got people stealing cars now, where they just walk up. They're able to pop a headlight out, connect into the CAN bus that goes to the headlight and then unlock the doors and turn off the engine ignition inhibitor, start the vehicle and drive away without having the key fob. And there's even some where, like Toyotas I think it was, they have a CAN bus harness that goes up to the trunk lock. And they'll use a Dremel tool, cut a little hole in the metal around the trunk lock, connect into the wires and steal a car.
(07:24):
And so we're starting to see more and more of this advanced threats from a theft perspective and also from a organized crime perspective. They operate just like a business. They want to be more efficient, decrease their risk and increase their profitability. And so instead of having 50 guys that sit outside the port of Miami that just follow trucks as they go all around the country, and then once the driver leaves it unattended, steal it, now they can track vehicles completely digitally. And they can actually look at load manifests and see what's on the truck. They can just optimize their tactics and what they do, just like a business would.
Jason Cannon (08:03):
What exactly is a fleet supposed to safeguard itself from, enemy state sponsored attackers out to cripple transportation infrastructure or the East Coast mafia after a high value load of electronics?
Terry Reinert (08:15):
The larger threat right now would be organized crime, but that is slowly shifting towards nation state level as capabilities are developed and as the world starts to get more and more destabilized. And so I don't know if I could put a percentage number on each one, but there is a wide mix of threats across that whole spectrum. And they constantly evolve as just the nature of what's going on evolves as well. You see in the movies, people taking over vehicles from a cyber attack. I mean, that is today.
(08:48):
That is occurring. We are seeing indicators of compromise. You've got government regulations coming out from the UN, European Union, and soon the United States that say, "Hey, we need to be taking a much stronger approach to cybersecurity in our vehicles. You have to have cyber-intrusion detection systems within your vehicle to protect you against this stuff." I mean, even in the United States, the government listed logistics and long haul tractor trailers is critical infrastructure.
Matt Cole (09:14):
Unless you're a hacker, I guess, getting into and navigating a truck's ECU is somewhere between difficult to impossible. But Terry says some of the basics of protecting a truck are pretty simple.
Terry Reinert (09:23):
When was the last time you took your vehicle into the dealership and said, "Hey, I want you to update all the software in my ECUs?" Just like we update our cell phones all the time, every time Apple or Google pushes out a software update. Microsoft constantly popping up for Windows, "Install this update, security update." Nobody takes their car in to get their software updated. It's just not a thing. And if you did, guess what? There's a price tag on that. They don't just do it for free. Now, you've got Teslas who will do updates over the air and they're starting to get smarter about it, but we're still a decade out from seeing every vehicle out there actually having over-the-air updates that can occur.
(10:01):
Fleet Defender and what we do, is we've actually developed a cyber-intrusion detection system for heavy-duty vehicles. So we are actually a box that sits in the vehicle with a small screen that alerts the driver if there's any anomalies occurring within their vehicle. Whether that be the sexy James Bond, like the movie stuff, like taking over the brakes and the steering and driving the truck off the road, to maintenance anomalies, so if something's going wrong with the vehicle from a maintenance perspective or even an operator safety perspective.
Speaker 1 (10:29):
That's it for this week's 10-44. You can read more on ccjdigital.com. While you're there, sign up for our newsletter and stay up to date on the latest in trucking industry news and trends. If you have any questions or feedback, please let us know in the comments below. Don't forget to subscribe and hit the bell for notifications, so you can catch us again next week.