CLEVELAND — Lucky timing and a software update recently saved Werner Enterprises from a cyberattack on its systems.
One afternoon three months ago, an employee received a malicious PDF, and the carrier updated its SentinelOne software that evening. The email went unopened until the following morning.
“The night before, we had just happened to get the update that isolated that particular worm,” Werner EVP and CIO Daragh Mahon said Oct. 29. at the National Motor Freight Traffic Association’s Cybersecurity Conference. “We got really, really lucky.”
The close call was a reminder of the cyberattack threats carriers face as well as the importance of regular system upgrades and other technology investments. Trucking industry executives are putting more support behind cybersecurity efforts, conference speakers noted. That includes trucks themselves, which can face hacks.
The stakes are even higher following a new Securities and Exchange Commission disclosure rule from last year targeting potential financial fallout of cyber attacks. The regulation requires publicly traded companies to report cybersecurity incidents within four business days if they have or would likely have a material impact on a company.
But a variety of strategies can prevent such incidents, including developing the right workforce, getting buy-in from company leadership, and building relationships with government resources, according to conference speakers.
Daimler efforts on prevention
This year, Daimler Truck North America’s cybersecurity team for autonomous vehicles has done three different security demos for leadership to provide hands-on experience for what it’s like for a truck to be hacked, group manager Robert Zimmerman said at the conference.
He noted executives had awareness in the past, but recently, he’s observed leadership using cybersecurity terminology in addressing issues at meetings.
Daimler will produce its fifth-generation Cascadia next year, and Zimmerman said cybersecurity was considered in the design from the beginning, providing a significant breakthrough from previous generations.
“We fully expect ... the threat landscape to continue to change, and that we will need to react to that in some way,” he said. “Now we have a platform where we can react, and we can deploy ... updated software, updated controls to address the threats as they come.”
Practicing how to respond
As part of the three-day NMFTA conference, cybersecurity leaders conducted a business continuity tabletop exercise to simulate an attack. Event coordinators noted the importance of preparing for such events and including trucking leaders, a company’s board, legal staff and even the FBI.
“Involving them in this in the beginning is crucial,” said Art Ocain, VP of incident response and disaster recovery at cyber defense firm Airiam.
Plans can break down when cyber incidents occur and people start to panic, said Steve Hankel, VP of IT at Johanson Transportation Service.
Carriers need not be afraid of opening their systems to the FBI since they’re there to help, according to presenters.
Forming relationships with federal agencies such as Cybersecurity & Infrastructure Security Agency is vital, speakers said, and that helps form a connection with so cybersecurity responses are not wasting time in responding to an incident.
