A zero-trust environment, multi-factor authentication, and continuous training are keys for trucking companies that want to maintain cybersecurity. After all, computers will do what they are programmed to do, but humans remain the weakest link.
And there seems to be no shortage of risks.
Cybersecurity professionals at the National Motor Freight Traffic Association’s Digital Security Conference highlighted examples such as ransomware, phishing campaigns, and social engineering attacks that can wipe out assets and corporate reputations.
Creating a culture of security is vital, said Transcard chief technology officer David Samples. Open gateways can allow humans to effect change in a system or dataset, and that’s where a zero-trust environment comes into the picture.
“All it might take is an employee trying to do their job well and someone who understands technology and how people think can take advantage of it,” he said.
Protecting assets costs money, but a breach is way more expensive, added Michael Oberlaender of Global CISO. A company must identify and protect its crown jewels. He reiterated the importance of a zero-trust environment, adding that segregating a network has helped secure enterprises.
Don’t be the easiest score
Samples described hacking as a business, making it important to ensure fleets are not an easy score for the bad guys.
“If you are running away from a bear, you don’t have to be the fastest. You just can’t be the slowest,” he said.
Cyber criminals can determine if networks are segregated fairly easily, he added.
“This tells the bad guy this is not going to be a walk in the park. Is the effort going to be worth it? When security is in onion layers, as it gets harder, you become disenfranchised, you start looking for the next score, you are not looking for the challenge.”
Social engineering attack
When a bad actor gets into a fleet’s system and compromises something as simple as a business email account, the information can be used for a social engineering attack.
Ernesto Ballesteros, cybersecurity state coordinator at the Cybersecurity and Infrastructure Security Agency, said that could be a precursor to ransomware, where malicious content is sent through email attachments, enters a victim’s network, and moves around to find, target, and execute an attack.
While strong passwords offer a sense of security, those begin to crumble when employees use the same passwords for personal and work emails.
Clarke Skoby of the U.S. Secret Service said when a personal email is compromised in such situations, the attacker can then get into the business account.
Once the work account is compromised, criminals can create an inbox rule that funnels emails with words like “bill” or “invoice” in their headings, Skoby said. Then they will make up their own bills that look legitimate, purchase a domain name similar to the original email’s source — replacing a word like “water” with “vvater” — and send an email to a customer or vendor to say banking information has changed and asking for payments to be sent to a different account.
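The two signs Skoby describes can be checked for mechanically. The sketch below is an added example, not code from the conference or any vendor: it flags sender domains that imitate a trusted partner through look-alike characters and inbox rules that hide billing mail. The domains, rule names, and rule fields are constructed assumptions, not a real mail platform's export format.

```python
# Added example: all domains, rule names and field names below are constructed.
CONFUSABLES = (("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l"))
RULE_KEYWORDS = {"bill", "invoice"}             # words named in the article
HIDING_ACTIONS = {"move", "forward", "delete"}  # actions that pull mail out of view

def skeleton(domain):
    """Collapse look-alike character sequences so spoofed and real names compare equal."""
    s = domain.lower().rstrip(".")
    for seq, repl in CONFUSABLES:
        s = s.replace(seq, repl)
    return s

def lookalike_of(sender_domain, trusted_domains):
    """Return the trusted domain that sender_domain imitates, or None."""
    d = sender_domain.lower().rstrip(".")
    if d in trusted_domains:
        return None  # exact match: this is the real partner
    for trusted in sorted(trusted_domains):
        if skeleton(d) == skeleton(trusted):
            return trusted
    return None

def suspicious_rules(rules):
    """Return names of inbox rules that hide mail whose subject mentions billing."""
    flagged = []
    for rule in rules:
        words = {w.lower() for w in rule["subject_contains"]}
        if words & RULE_KEYWORDS and rule["action"] in HIDING_ACTIONS:
            flagged.append(rule["name"])
    return flagged

# Constructed sample data (hypothetical partner domain and mailbox rules).
TRUSTED = {"citywater.example"}
SENDERS = ["citywater.example", "cityvvater.example", "parts-supplier.example"]
RULES = [
    {"name": "r1", "subject_contains": ["Invoice", "bill"], "action": "move"},
    {"name": "newsletters", "subject_contains": ["newsletter"], "action": "move"},
    {"name": "ap-tag", "subject_contains": ["invoice"], "action": "categorize"},
]

if __name__ == "__main__":
    for sender in SENDERS:
        imitated = lookalike_of(sender, TRUSTED)
        if imitated:
            print(f"{sender} imitates {imitated}")
    print("rules to review:", suspicious_rules(RULES))
```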
Strong passwords
Drew Williams, director of ThreatRecon Cybersecurity Services and CISO Guidacent, said size does matter for passwords.
“Don’t share them, don’t reuse them, and replace them as needed,” he said.
To strengthen a password, combine a lyric or poem with numbers, upper and lowercase characters, and include special characters, Drew said.
Global CISO’s Oberlaender also stressed the need for immutable backups residing in multiple safe locations where they can’t be overwritten.
Immutable backups
After an attack has been noticed, bad guys can sometimes linger in a system for months, spreading malware into a fleet’s backup environment.
“If you think you are safe and want to reinstall it from your backup, you are doomed, because the same thing happens again and again,” Oberlaender said.
Companies should create a playbook that lists about 150 types of attack that could occur, Oberlaender said. With that, team members will know what to do in each scenario, even if they may have to adapt slightly.
If the playbook is stored off the network, and staff are trained and tested, crises can be controlled more quickly, he added.