Page 64 - Security Today, March 2020
P. 64
“Ransomware attackers are always looking for new areas of the econ- omy to exploit, and innovation in the commercial automotive space is providing a lucrative opportunity.”
by ransomware attacks, followed by financial institutions and professional services industries.
Frighteningly, many of these studies are overlooking the looming and existing danger posed to the automotive industry, as ransomware attacks continue to proliferate and expand to new sectors in 2019. Most recently, the public sector was hit with at- tacks on the cities of Baltimore, MD, and Lake City, FL.
Beyond those threats, there has also been an increase in at- tacks on supply chain businesses. For example, Norwegian manu- facturer Norsk Hydro was hit by a ransomware attack that af- fected its production and IT systems. They were an opportune target due to the sheer amount of money lost by holding just one part of a large and lucrative supply chain hostage. It is expected that ransomware will only continue to grow based on insurers’ often succumbing to ransom demands and enabling what many call the “extortion economy.”
Why Commercial Trucking
Is At High Risk
Ransomware attackers are always looking for new areas of the economy to exploit, and innovation in the commercial automo- tive space is providing a lucrative opportunity. As trucks continue to become more connected through multiple networks and au- tomotive computers, they open up a new and vulnerable attack vector for malicious hackers to enter these systems.
The cyber-hijacking of a Jeep in 2015 proved cars can be hacked, and the biggest reason that ransomware attacks are not commonplace in the automotive industry yet is simply a lack of monetization and scale, as well as an industry prerogative to keep these new stories quiet.
Both advances in Fleet Management Systems (FMS) for com- mercial trucking and the emerging practice of truck platooning create numerous vulnerabilities for ransomware cybercriminals to capitalize on these affluent trucking companies and the insur- ers tasked with writing their policies. Imagine a trucking fleet of perishable food products or expensive medicines is stopped by a hacker en route to customers. Companies would be extremely incentivized to quickly pay a ransom.
FMSs are the central computer – and the heart – of a com- mercial trucking operation, enabling a series of highly important and specific tasks in the management of any or all aspects relating to a company’s fleets of vehicles. These specific tasks encompass all operations from vehicle acquisition to disposal and coordina- tion between ports and drivers.
Software, depending on its capabilities, allows additional functions such as recording driver and vehicle details, the track- ing of procurement costs, scheduling of maintenance and servic- ing tasks, import of fuel transactions, and measuring of fleet per- formance via reports and charts. Considering how central long or short-haul trucking is to many businesses around the world, losing visibility or control of the systems would be catastrophic
– even for a moment.
If hackers can penetrate just one vulnerable truck in the fleet,
they can access the entire system and shut everything down. Lo- gistically, that could result in millions of dollars of lost revenue and put future business at risk, aside from the obvious driver safety issues that could potentially arise.
Additionally, there are more dollars in question here. The driver safety concern is also amplified considerably based on the way the trucking industry is progressing. As buzz grows around the future of autonomous trucking, it is not just the communica- tion and business operations that can be affected, but also the trucks themselves.
While fully autonomous trucking fleets are years away, truck platooning is just four to eight years off. One company leading the charge is Peloton, who announced its “Level-4” autono- mous platooning system back in July 2019. In truck platooning, one driver controls a small fleet of trucks directly behind them through vehicle-to-vehicle (V2V) communication that mimics the movements of the driver, which saves gas mileage through draft- ing and reduces the number of drivers needed on staff.
As with any emerging technologies, there are kinks to be worked out, including adjusting speeds and brake timing for dif- fering cargo weight. Cybersecurity that protects these trucking fleets from attacks has become a necessity, not a luxury or “nice to have,” and must be carefully considered before these technolo- gies become the new normal on the road.
Approaching Security of
Connected Trucks
Vehicle security differs widely from enterprise security because of the many moving systems involved. All modern vehicles con- tain up to 150 electronic control units (ECUs), with commercial vehicles typically housing at least 40 ECUs. In all cases, there is a central ECU that in-vehicle and external communication passes through for each vehicle functionality channel, such as keyless entry, anti-vehicle theft systems, infotainment and telematics, which are constantly transmitted back to the OEM.
The challenge with cyber protection for these ECUs is that every time a new connected feature is added to the vehicle, it is just another vulnerable access point for bad actors to enter the system. Therefore, it is not appropriate to have cybersecurity so- lutions block each attempt to penetrate the vehicle, but to instead lock down and consolidate all in-vehicle communication to only allow a single type of approved communication to alter function- ality. Vehicles require this deterministic model of cybersecurity because randomness of attacks cannot be tolerated when the ob- ject is a fast-moving vehicle and lives are on the line.
As all industries cope with the growth of the extortion econo- my and the widespread proliferation of ransomware, it is impor- tant that vehicle safety become a proactive conversation instead of a reactive one. It is only a matter of time before we see vehicle cyberattacks become mainstream, and the auto industry must es- tablish a safety standard for cybersecurity that
can adequately protect against bad actors who
want to control our vehicles and our lives by
extension.
Moshe Shlisel is the CEO and co-founder of GuardKnox.
62
0320 | SECURITY TODAY
CYBERSECURITY