The threat of cyberattacks against North American trucking companies has never been greater, prompting Serjon to create an online cybersecurity training and certification program for small- and medium-sized businesses.
Urban Jonson, senior vice-president of information technology and cybersecurity services at Serjon discussed the importance of the program during a press conference at the Technology & Maintenance Council’s spring meetings.
He noted on Feb. 7, the U.S. National Security Agency issued an advisory claiming that there is interest from the People’s Republic of China to be able to cripple U.S. infrastructure, including trucking.
On Feb. 26, meanwhile, a report titled Commercial Vehicle Electronic Logging Device Security from Colorado State University revealed the vulnerabilities of ELDs. It showed it’s possible to compromise an ELD remotely and then spread to other devices on the same network.
“The urgency to start to address these issues is upon us,” said Jonson. “The more you can do to address the issue and reduce your risk profile before an event, the less impact it will have and the less it’s going to cost you.”
Trucks are vulnerable because once a bad actor has gained control of its systems it can feed the vehicle false information. For example, a hacker could lead the truck to believe it is out of diesel exhaust fluid, causing it to derate into limp mode. And then do the same to all the other trucks on the same network.
Jonson also suggested there will be more reporting requirements introduced, forcing fleets that have been victimized by a cyberattack to disclose that information. Most small businesses are out of business within six months following a cyberattack, he added.
Training modules offered by Serjon cover: cybersecurity basics; firewalls and end point protection; computer equipment setup and configuration; building recoverable environments; defending heavy-duty vehicles, and more. For details visit www.serjon.com or learning.serjon.com.