Connectivity is changing commercial truck fleet operations. While the development of autonomous heavy vehicles is still in early stages, fleet owners have been increasingly relying on “connected” trucks to improve their uptime, safety, fuel efficiency and tracking, among other things.
But every connected technology — from telematics and remote diagnostics to in-cab software and on-board IoT devices like cameras — adds new cybersecurity vulnerabilities. Each of the technologies comes with security risks, and with everything interconnected, the exposure is exponential.
Frost & Sullivan forecasts that 55 percent of commercial trucks in North America will be connected by 2025. As connectivity becomes “the way of the future” for the industry, fleet owners and operators need to consider the implications. How can they control the cybersecurity risks while still embracing innovation?
Hacking connected trucks
There’s been a lot of discussion in the media about the cybersecurity risks of connected and autonomous passenger vehicles. For commercial trucks, or “heavy vehicles,” these concerns are even bigger. Their network architecture is similar, but what makes them more vulnerable is the extensiveness of their connected features, says Urban Jonson, chief technology officer for the National Motor Freight Traffic Association, Inc. (NMFTA), a nonprofit membership association.
“The difficult part of hacking vehicles is gaining access, ideally remote access,” he says. “While passenger vehicles are just now becoming connected through telematics systems, heavy vehicles have been more pervasively connected through satellite and cellular communications linking to telematics, fleet management and engine management applications for quite some time. Consequently, heavy vehicles currently have more avenues for remote access than light vehicles.”
Cybersecurity researchers — aka white-hat hackers — have already shown that hacking big trucks is possible. In 2016, researchers from the University of Michigan were able to send digital signals within the internal network of two rigs (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Rodika Tollefson. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/EeKDCc9F7Ak/