The Trucking Industry’s Guide to Cybersecurity

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
Fleet Equipment Magazine
Truck industry content for fleet owners and managers
Sponsored Content

The Trucking Industry’s Guide to Cybersecurity

Noregon Systems
By Noregon Systems
Published:

Sponsored by Noregon Systems

Hacking Experiences

Nearly every one of us has a story of a hacking victim. Perhaps you felt the gut-wrenching effects of a virus that caused you to lose an important midterm paper, maybe your login credentials appeared in the latest security breach, or some of you have likely dealt with the harsh consequences of ransomware.

Merriam-Webster defines hacking as the act of gaining illegal access to a computer network or system. For a fleet, we’ll focus on three types of systems that require cybersecurity attention and resource allocation:

  • Business systems
  • Shop systems
  • Vehicle systems

Business Systems

The Elk Cloner in 1981 is credited as the first computer virus to cause a massive outbreak. As the number of computers across the world grew, so did the “reward” for a successful virus, therefore increasing the occurrences of hacking attempts; simple supply and demand.

As viruses, malware, and hacking became a significant risk to personal and business systems, efforts to thwart these attacks became prevalent. Whether through improved encryption, smarter internal processes, or software such as antivirus, organizations have taken steps to protect their business systems from cybersecurity threats.

There is a myriad of resources to learn how to protect devices like laptops, PCs, tablets, and cellphones from cybersecurity attacks. For that reason, we shift our focus to the two systems that receive less attention but are vulnerable to significant attacks when left unprotected, especially in a growing IoT industry – shop systems and vehicle systems.

Shop Systems

For this article, we define shop systems as the electronic tools technicians, service writers, and others within the shop environment use to diagnose and repair vehicles. There is some overlap with business systems, as many of these systems are laptop or tablet-based, but with some special considerations because they communicate with the vehicle.

Due to the similarities, it is recommended to equip shop systems with the same cybersecurity applications as your business systems to combat instances of malware, viruses, and similar attacks. Additionally, shop personnel should receive similar training to follow best practices, such as how to identify potentially malicious files or websites.

Pay special attention to systems that require constant internet connection and activity, such as those at the parts counter. These PCs and tablets are more vulnerable to attacks simply because being constantly connected opens the door for hackers to access the device.

A concern with shop systems is the software used to communicate with trucks. A majority of aftermarket and OE applications are capable of bi-directional communication with the truck, meaning they can read information from the vehicle and give commands back to the truck. Bi-directional controls are a critical part of the repair process, but technicians should only utilize them from trusted applications. For this reason, never purchase pirated software copies or from unauthorized dealers, as you run the risk of compromised applications having access to the truck’s communication channels.

Vehicle Systems

As IoT quickly gains momentum in the industry and shifts focus toward autonomy and advanced driver assistance technology, the need to protect trucks from cybersecurity threats is more significant than ever. Historically, making malicious adjustments to a vehicle required physical access to the truck, but with today’s technology, hackers can potentially modify or disable safety systems from afar.

Whether it is a telematics company, an aftermarket device, or any other third party that will receive access to your vehicle’s data and components, act vigilantly to learn how they will safeguard the access. Ask questions about whom they give access to, how they encrypt the data coming off the vehicle, and what their processes are for ensuring only authorized users can access the data.

Protecting your Organization

Now that we’ve highlighted the risks associated with each type of system within an organization let’s look at the best practices to protect from cybersecurity threats. The first step is simply awareness; understand what threats can affect your company and initiate conversations about which actions are necessary to alleviate those threats.

Recognize that cybersecurity is an ongoing concern and you can’t just create a solution and consider yourself protected. You must develop and implement cybersecurity policies across the organization, train employees on the plans, and routinely audit yourself to ensure those policies are up to date and adhered. Test your employees to ensure they are applying best practices, even if that means staging a fake attack to gauge their response.

Whether the need is driven by new, emerging threats or by technological advancements that better protect the organization, it is critical to keep pace with change to ensure your organization can defend itself.

Protecting your Shop

Once you establish organizational processes, consider special precautions to safeguard your shop systems and the vehicles they connect to.

If your shop systems connect to the internet, they are just as vulnerable as your business systems. For this reason, IT professionals who understand cybersecurity should manage these devices. If this option isn’t feasible in-house, consider outsourcing the management of shop devices to a service like Noregon’s Diagnostic Management Tool service that handles cybersecurity and antivirus efforts in addition to other services like procuring, updating, and troubleshooting software.

Train technicians to be vigilant. If a technician detects an electronic component on the vehicle that looks like it may not belong, he or she should report the issue. All devices and applications that technicians connect to a truck should be verified and approved, and internet access in a service bay should be limited to those devices.

All networks (local or cloud-based) used in the shop should be secure up and down its lifecycle chain. Hardware and software should be purchased from reputable sources to avoid applications that are susceptible to backdoors that serve as an attack vector.

Finally, avoid writing down passwords in clear view. Shop device passwords should only be accessible to those who need the information and should be stored somewhere secure, rather than somewhere that could potentially be in plain sight of others.

Final Thoughts

The best applications and processes for avoiding cybersecurity threats may change, but the policies of training, educating, and being proactive remain the same. We recommend joining TMC committees and participating in programs such as the American Trucking Association’s Fleet CyWatch. Ensure your security policies are in place, up to date, and regularly audited. If you can’t create a staff of cybersecurity experts, outsource that aspect of your organization.

Always remember that shop and vehicle systems deserve as much attention as business systems. Hire the correct people, provide ample training, and remain educated and proactive on emerging threats to stay ahead of the curve and combat attacks to your systems.

This article was sponsored by Noregon Systems. For more information, please visit our website at www.noregon.com

You May Also Like

Hutchens-Industries-logo
Sponsored Content

From hands-on training to video-based learning: Keeping truck technicians trained

Hendrickson’s service philosophy on how to teach the next generation of technicians.

Hendrickson
By Hendrickson
Published:

The combination of a global pandemic and rapidly evolving truck and trailer equipment and technology forced changes in every trucking industry segment, including technician training. All that while the industry was already facing a technician shortage. Through it all, keeping trucks and trailers in safe and productive working order was key to survival as average lifecycles lengthened. Tough times called for innovative solutions.

Read Full Article

More Sponsored Content Posts
The Future of Trailer Telematics: Going Beyond Track & Trace

The Benefits of Integrating Trailer Telematics with Fleet Management Systems

By Road Ready
Dana Products, Education, and Programs Offer Optimized Uptime

At Dana, we do a lot more than manufacture high-quality replacement products to Original Equipment standards. Through the expertise of the Dana Training Academy team, we work to ensure you have the knowledge and training you need to properly install and service our products for longer life and maximum performance, with the ultimate goal of

By Spicer®
The ever-improving truck parts availability, efficiency relationship

Right part, right place, right time moves toward 24/7 availability.

By Aftermarket Auto Parts Alliance
Improve your aftertreatment diagnostics today

DPF Regens Performing regens, whether passive or forced, is necessary as they help to remove the soot buildup, prevent filter blockage, and increase the longevity of the DPF. By removing the accumulated soot, regens can help create a well-maintained DPF that lasts longer and avoids the hefty costs of replacing it. Passive Regens A passive

By Noregon Systems

Other Posts

How fleet management tools can help increase fuel efficiency

From fleet cards to EVs and data, all work together to help save on costs.

By Jim Perkins
generic-fuel-efficiency-fleet
Trade Show Talk: Trends kicking off 2024

Alternative fuels, connectivity, efficiency—there’s been plenty to report on from trucking trade shows, but which topics stuck out most?

By Kevin Linger
trade-show-Talk-work-truck-week-tmc-geotab-connect-hdaw
Noregon and Phillips Connect on their partnership, trailer health and data

Sandeep Kar of Noregon and Mark Wallin of Phillips Connect join On the Road to answer questions about the new partnership.

By Alex Crissey
phillipsNoregon-1400
BeyondTrucks, Samsara announce free integration

The companies say customers can have their real-time data connected within a few clicks at no cost.

By Kevin Linger
BeyondTrucks-Samsara-IntegrationCOMBO