In trucking, theft has traditionally been a tangible threat, with scenarios like fuel siphoning or cargo theft. However, as technology has advanced, so too have the methods of attack. Nowadays, many threats to trucking companies originate in the digital realm.
Cyberattacks targeting the trucking industry have become increasingly prevalent, with hackers exploiting vulnerabilities in electronic logging devices (ELDs) to gain unauthorized access, manipulate data, and disrupt operations. A recent study by researchers at Colorado State University sheds light on the potential risks posed by compromised ELDs.
The study highlights three critical vulnerabilities in commonly used ELDs. Firstly, these devices can be wirelessly controlled, allowing hackers to take control of vehicle systems remotely. Secondly, malicious firmware can be uploaded, enabling attackers to manipulate data and vehicle operations. Finally, there is the potential for a self-propagating truck-to-truck worm to spread through interconnected ELDs, leading to widespread disruptions in commercial fleets.
“The challenges highlighted in our paper are substantial, and we have identified several critical vulnerabilities in a particular ELD model that represents a significant share of the existing market,” said Jake Jepson, systems engineering graduate student and a primary author of the paper. “The manufacturer is working on a firmware update now, but we suspect these issues may be common and potentially not limited to a single device or instance.”
To demonstrate the severity of these vulnerabilities, the research team conducted tests on a 2014 Kenworth T270 Class 6 research truck equipped with a vulnerable ELD. The results underscored the ease with which multiple devices could be hacked through a single compromised ELD, posing significant safety and operational risks to fleets.
“A bad actor who gains access to a wirelessly enabled ELD may be able to quickly spread the malware to other ELDs in its network,” said Stephen Ritzler, transportation and logistics sales manager at CoverWallet. “The viral spread of the malware could give large-scale access to a cybercriminal. They could uncover a lot of sensitive information about the routes and transfer points of high-value loads they may have intentions to commandeer. …They could also interfere with the data related to safe operations of the vehicles,” he added. “This could involve modifying logbook data to incorrectly display hours of use that are beyond the daily limit, which may put the operator of a compromised vehicle at risk for a DOT sanction.”
The implications of such cyberattacks are far-reaching for trucking companies. Apart from potential accidents resulting in increased insurance costs, ELDs are also used to inform safety and insurability assessments by insurers. Therefore, ensuring the security of these devices is paramount.
To address these vulnerabilities, the researchers propose several measures to enhance ELD security. These include disabling unused interfaces, implementing high-entropy default passwords, using secure firmware signing mechanisms, eliminating unnecessary API features, and implementing telematics device firewalls. These recommendations are deemed practical, user-friendly, and cost-effective.
“To address the vulnerabilities identified in our research and effectively prevent truck-to-truck worm attacks in electronic logging devices, a multifaceted approach is required,” the researchers wrote. “This approach encompasses the enhancement of default security settings, implementation of robust firmware integrity and authenticity checks and the elimination of unnecessary and high-risk features.”
Jeremy Daily, the lead researcher, emphasizes the significance of these findings not only for the trucking industry but also for broader infrastructure vulnerabilities as different assets become increasingly interconnected. By addressing these vulnerabilities proactively, trucking companies can mitigate the risks posed by cyberattacks and ensure the safety and security of their operations.
“Our group will continue to develop adaptable security measures, assessments and models that can easily be integrated into existing operations,” Daily said. “These security design patterns can also be utilized over the truck’s lifecycle, from conceptual design to system retirement.”
Source: Commercial Carrier Journal