While the trucking industry has seen a rapid infusion and evolution of technology for some time, but it certainly has accelerated in the last five years. Our regular readers will recognize the STC coined “shiny object syndrome” wherein many of us get enamored with new technologies. The challenge is to look beyond the flashy new thing that seems too good to be true. As you contemplate technology deployment, your plan needs to include a data management strategy that incorporates a component to address attack vectors, targets, consequences, and outcomes associated with a potential cybersecurity attack.
As new technologies are integrated into our systems one of the last things companies consider is often security risk. While cybercrime is not a new phenomenon, cybercriminals have attempted to infiltrate multiple transportation, logistics, and shipping companies in recent months. Since July 2021, one cybercrime intelligence firm observed seven instances of brokers advertising network credentials or other types of network access. The criminals obtained network credentials through known vulnerabilities in remote access solutions, including Remote Desktop Protocol, Citrix, and SonicWall.
Trucking, logistics, and other sectors of the supply chain are attractive cyber attack targets because of the many customers who produce a high volume of transactions, which results in multiple entry points and potential vulnerabilities. The government is starting to take notice too. DHS and TSA recently announced that they are looking to add requirements for information sharing to companies in the transportation sector. In addition, the Cybersecurity & Infrastructure Security Agency has developed an Autonomous Ground Vehicle Security Guide to offer guidance to help stay ahead of the curve.
It’s hard to keep up with the digital transformation taking hold in the supply chain with the rapid introduction of new technologies and digital communications between companies. Every one of these deployments opens opportunities for a potential security incident. As you consider technology and system changes in your operations, make sure to develop a data management plan that includes strong cybersecurity elements that identify and address vulnerabilities. Further to this point, don’t lose sight of the fact that the criminals are always evolving their strategies, so cybersecurity is an ongoing need, you just can’t set it and forget it.