Fleets Shift Focus to Secure Against Operational Disruptions Following Cyber Attack

YANIV MAIMON

VP Cyber Services

September 26, 2023

Fleet management solutions are indispensable in fleet operations, offering essential insights into vehicle inventory and status, helping to monitor driver behavior and safety, and more. As these systems evolve with increased connectivity, they also become more exposed to potential cyber threats. APIs, which are integral to modern fleet operation services, should also be considered among the cybersecurity threats facing fleet management solutions.

Ransomware attack on leading fleet management service disrupts fleet operations in the US, forcing truck drivers to manually log hours

A recent incident underscores the potential impact of cyber-caused operational disruptions in freight fleets. A ransomware attack led to service outages for a notable trucking and fleet management solutions provider. Several freight operators that were using the service reported losing visibility into the state of their fleet and inventory.
This attack rendered the company’s electronic logging devices inoperable, prompting truckers throughout the US to revert to traditional paper logs. Since regulations allow truckers to use paper logs for only eight days within a 30-day period, there was genuine concern about their ability to continue operations. To address this, the US Federal Motor Carrier Safety Administration issued a temporary waiver, permitting the use of paper logs until the digital service is reinstated.

In response, the affected company engaged external cybersecurity experts to investigate the incident. They are actively working on restoring services and have reached out to all impacted clients, ensuring they receive regular updates until the service is back to its full capacity.

When fleet management services face disruptions from cyberattacks, the challenges are numerous. Such interruptions can ripple throughout the mobility ecosystem, leading to operational setbacks, delays, and potential revenue losses. But the impact of these disruptions is not limited just to the mobility ecosystem, they can have far-reaching implications on everyone who relies on the products being transported by commercial fleets, causing delays in the delivery of goods and potentially product shortages.

ENISA warns transport sector of growing ransomware threat

Recently, the European Union Agency for Cybersecurity (ENISA) identified ransomware as a primary cyber threat to the transport sector. The agency highlighted the growing risk to operational technology (OT) systems in the transport sector, especially as digital transformation efforts bridge the gap between traditionally separate IT and OT systems. ENISA’s observations suggest that the transport sector’s need to quickly resolve ransomware situations to prevent significant business and societal impacts might inadvertently encourage more attacks.

To navigate these challenges, ENISA underscores the importance of robust cybersecurity measures for the transport sector.

Implementing a purpose-built detection and response platform (XDR) can help fleets and fleet management solutions secure their assets and applications against cybersecurity threats

The Upstream Platform serves many of the largest OEMs and fleets worldwide, securing millions of connected vehicles and billions of API transactions. Upstream’s recently launched API Security solution is uniquely designed to correlate between API traffic and the contextual impact they have on operational systems and assets. This is a critical element in securing mobility and transportation services that manage vehicles on the road.

The solution layers API discovery and monitoring with best-of-breed detection and response to protect applications and services against direct and third-party vulnerabilities, attacks, misconfigurations, and design flaws.

The Upstream Platform is agentless and does not require the installation of software or hardware. This enables customers to benefit from rapid deployment, providing quick time-to-security with onboarding of various mobility assets and applications with no downtime or servicing needed.

Discover how you can mitigate operational disruptions and secure operational APIs from cybersecurity attacks and vulnerabilities with a demo of the Upstream Platform.

 

 

Newsletter Icon

The 2024 Global Automotive Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

As Cyber Risks Escalate, ISO/WD 24882 Sets New Standards for Safety and Availability in Agricultural OEMs

The digital transformation sweeping through the Automotive and Mobility ecosystem has also made its mark on the Agriculture sector. As a result, OEMs, suppliers, and…

Read more

SIM-Enabled IoT Devices as Critical Infrastructure: The Data Imperative

In our ongoing series exploring why SIM-enabled IoT devices in the automotive and smart mobility ecosystem should be classified as critical infrastructure, we’ve examined two…

Read more

Ensuring Continuous Operations: The Critical Role of SIM-Enabled IoT in Mobility

In our ongoing series, exploring the critical nature of SIM-enabled IoT devices, we’ve previously discussed the safety implications of these devices. Our H1’2024 report identifies…

Read more

SIM-Enabled IoT Devices as Critical Infrastructure: The Safety Imperative

Upstream’s latest H1’2024 report asserts that SIM-enabled IoT devices in the automotive and smart mobility ecosystem should be classified as critical infrastructure. This classification is…

Read more
Skip to content