Trucking Must Stay a Step Ahead in Battling Digital Theft
[Stay on top of transportation news: .]
Fleets and trucking companies historically haven’t worried too much about cybersecurity. In some instances, it has been looked upon like insurance.
“It’s the best comparison out there: No one wants it until they need it,†said Carla Treviño, EV director of multinational security firm Irdeto.
It is, however, a growing worry. Many trucking companies have been hit by cybersecurity breaches in the last few years. Firms large and small are falling victim to the scams, with reports coming from small operations with 20 trucks or fewer to larger companies such as Estes Express Lines and Ward Transportation and Logistics. Thieves are targeting business systems, physical cargo, personal data and everything in between.
Estes ranks No. 11 on the Transport Topics Top 100 list of the largest for-hire carriers in North America. and Ward ranks No. 94.
, senior vice president of information technology and cybersecurity services for security training firm Serjon, said trucking companies have been slow adopters of cybersecurity technology, noting, “If it doesn’t have wheels and doesn’t move freight, there’s not a lot of interest to invest in it.â€
´³´Ç²Ô²õ´Ç²ÔÌý
Day-to-day concerns, like operational challenges, equipment costs and fuel expenditures, tend to have a higher priority than a nebulous threat somewhere in the future, Jonson said. “Unfortunately, it’s one of those things that doesn’t become relevant until it happens to you.â€
“Cybersecurity is always a cost center,†said Artie Crawford, director of cybersecurity at the . “It never produces any revenue.â€
Companies must shift their thinking, he said, to realize that solid cybersecurity can protect revenue.
“If you’re not targeted or you’re not a victim of ransomware or something of that nature, then you’re in good shape, right? Your cyber’s doing their job,†Crawford said. “But if you are, then you start to realize how important cyber is.â€
Companies working in cybersecurity are in an arms race to stay ahead of criminals, respond to the latest threats, then anticipate what comes next.
³Ò°ù´Ç±¹±ðÌý
“Many of our members have essentially a war room of IT professionals working on cybersecurity,†said Kevin Grove, director of safety and technology policy for. He explained the modern Class 8 commercial truck is a rolling internet connection point: Systems communicate through cyberspace for safety, efficiency, customer and government compliance.
“The ecosystem of all those devices playing together and kind of creating a very bumpy threat surface,†Grove added. “Trying to protect ourselves against it is a challenge.â€
Threat Surfaces
Cyber professionals talk about threat surfaces and attack surfaces — the playing field on which cyber criminals can find vulnerabilities and ways to infiltrate a company’s systems and steal money, data or products.
°ä°ù²¹·É´Ú´Ç°ù»åÌý
Crawford said the “threat surface†for the trucking industry is extremely widespread.
“Not only do you have the infrastructure aspect of the things in the back office, like accounting and billing, shipping, receiving, purchasing,†Crawford said. “You also have the aspects of everything that takes place on the docks.â€
Any automated or electronic system is a potential vulnerability. Smart tow motors and forklifts, handheld scanners, even the charging systems and power cords, can create entry points for criminals to attack company systems.
Current threats against the trucking industry include email compromises, ransomware attacks, cyber-enabled cargo theft, insider threats and identity-based attacks.
Email compromises have been around as long as email itself. Scammers and cyberattackers use embedded malware, fraudulent links and traps to steal login credentials and other passwords.
“We talk about phishing and ‘don’t click on’ links, but it’s still 2025 and people are clicking on links,†said Erika Voss, vice president and chief information security officer at DAT Freight & Analytics.
Ransomware
Ransomware, one of the most serious current cyberattacks, is where cybercriminals are more organized and sophisticated. Most ransomware software is developed by criminal organizations, operating in foreign nations such as Russia, North Korea and China. Those organizations are usually going after large targets. They gain access to the firms’ data and refuse to hand back control until a ransom, usually in cryptocurrency, is paid.
Mostly, those top-level crime organizations won’t target a trucking company. However, they do lease access to their malware to lower-level operators in exchange for a portion of the proceeds.
´Ü²¹³¦³ó´Ç²õÌý
“The lower-tier criminals go out and for them it’s worth their while to go after a medium-sized truck company, small business. It’s just a matter of the odds,†said Mark Zachos, founder and president of DG Technologies and director of University of Detroit-Mercy, where he oversees the Vehicle Cyber Engineering Laboratory.
“They’ll just do a broadcast email and occasionally they’ll get a phish and it’ll pay off. They get credentials,†he said, adding those credentials can allow complete access to a company’s systems, information about redirecting loads, or access to financial accounts.
Ransomware crimes have targeted every industry. Some governments or companies pay, and others rely on the systems they’ve built to recover from the loss.
“An event like that could end a company. If you can’t move freight for few weeks, you may take a hit, but if you can’t move it for a month, you may be out of business,†said Jonson, adding that it takes three to 20 days to fully recover from a ransomware attack, depending on the complexity of the systems.
Deceptive Cyber
Cyber-enabled cargo theft is a new twist on an old crime. Criminals can replicate trusted business partners’ contacts or credentials and redirect loads. This can be a result of passive intrusion, said Grove.
“They’re trying to find information about your operations, maybe to target you for physical theft of cargo or other sorts of things that won’t lock you out of your system. But the data will still be used to do something to your operations,†Grove said.
Crawford said criminals have shifted from targeting “serialized†cargos — things like appliances or electronics that will power up and tap into an internet network, “phone home†and possibly help lead to the criminals’ whereabouts.
Host Seth Clevenger and TT's Connor Wolf discuss CES 2025 and the emerging technologies that could push the trucking industry forward. Tune in above or by going to .ÌýÌý
Instead, thieves are targeting commodities like toilet paper, household products, building products, energy drinks and other consumables. He noted cases of thieves making off with $200,000 worth of bacon and 40,000 pounds of crab meat.
Voss explained that she’s seeing an increase in identity-based attacks and, unfortunately, insider threats.
“We don’t want to believe we have bad people on the inside, but it is also becoming the new norm,†she added. “Whether it’s malicious or not, people are struggling.â€
Criminal AI
Identity-based crimes are a growing concern, Voss said, powered by increases in AI, leading to extensive brand damage.
“When you think about it from an AI perspective … we worry about, what does it mean to have your identity stolen and, how that stolen identity turns into a brand reputation impact for you,†she said. “Identity is, even from a cyber perspective, a space we didn’t do well in, and I think now we’re realizing we all need to go focus on it even more.â€
³Õ´Ç²õ²õÌý
Sophisticated advances in AI mean deception in features such as facial recognition and other computer-based identity systems are more easily produced, she said.
Grove said it’s also important to create a culture where employees can call out suspicious activity, such as empowering them to do their due diligence on accounting and searching for improper activity.
Treviño explained that it’s important to have someone in-house who is tasked with being a bit of a resident cybersecurity expert:
“[This person should be] aware of the problems, know the vulnerabilities, the specific industries and how they manage it,†she said, adding that managers should also think about the investment costs.
“What is the worst-case scenario?†Treviño said. “What’s the minimum investment that I can do to not get to the worst-case scenario?â€
Truck Hack
There’s another threat out there, one that hasn’t been seen in the real world — yet. “The trucks themselves are vulnerable,†said Jonson.
Ìý°Õ°ù±ð±¹¾±Ã±´Ç
Treviño agrees, saying criminals could focus on learning how to hack trucks for financial reasons. “There’s motivation because the trucks are usually carrying quite valuable loads,†she said.
There are other concerns with trucks, especially as autonomous systems come online. “The effect that a hack could have goes way beyond the impact of hacking, say, a passenger car,†Treviño said. “You could damage the logistics of an entire city.â€
Crawford said the risk of terrorists taking over individual trucks is low, but the damage would be high.
“I could get ahold of three or four trucks all crossing a bridge at the same time and stall them in traffic†Crawford warned. “I could shut down a bridge for that matter. It becomes a concern for state-sponsored terrorism-type attacks.â€
Taking Action
Cybersecurity experts say there are things that even the smallest companies can do to mitigate their risk of attacks:
• Turn on multifactor authentication for systems.
• Dedicate time to keeping abreast of the latest threats, using tools like Fleet CyWatch to learn about new dangers.
• Have someone in the organization who has dedicated time to keep informed about cybersecurity.
• Hold frequent training sessions for all employees, creating a culture of cyber safety, similar to workplace safety programs.
Grove said he’s concerned about attacks that aren’t financially motivated. Terrorists could target infrastructure using hacked trucks or hacked systems to cause other problems, like preventing aid from flowing to areas of natural disasters.
That’s why Zachos tasks his students in the Vehicle Cyber Engineering Laboratory to learn how trucks can be hacked, and guard against it.
“The idea in education," is to create more technically competent people that when they go into the workforce, they can help companies, trucking organizations and so on, with that knowledge,†he said.
Zachos, who is a cybersecurity leader and competition judge for the , plants a bug inside one of the truck’s systems to teach students during training and tech competitions.
“They’re challenged to figure out what it is,†he explained. “They don’t have to fix it, but they’re challenged to figure it out.â€
Want more news? Listen to today's daily briefing belowÌýor go here for more info:
