Tag Archive for: truck

Its too easy to hack a semi truck


In a few weeks, in a hotel parking lot in Houston, Texas, the National Motor Freight Traffic Association (NMFTA) team will make a tanker truck do some very troubling things.

It’s going to chuff its brakes and it’s going to make strange and uncomfortable noises, an indication that the truck is dumping its pneumatic air supply, which is not an example of optimal vehicle performance. But we’re going to make it happen.

The alarming part of this demonstration? We won’t even have to get in the truck to do it, nor will we need to take advantage of modern wireless technologies like Wi-Fi or Bluetooth.

Instead, Ben Gardiner, NMFTA’s senior cybersecurity research engineer, will use a budget antenna of two wires, through which he will deploy radio frequency signals to send the command to the trailer powerline network. That’s it.

This alarming live demonstration of how easy it is to hack into a vehicle using rudimentary technology should make everyone nervous. That’s why we’re hosting the Digital Solutions Conference on Cybersecurity in Houston, Texas, Oct. 22-25.

Our goal is to help LTL carriers understand the gravity of how important cybersecurity is to our industry and to learn how to prepare for and prevent a cyberattack.

It shouldn’t be this easy to hack into an LTL truck, but it is because the trailer brake controllers use code from the 1980s. The controllers themselves were developed in the ’90s by sticking converter chips in front of the existing code, from an era when no one had any reason to worry about things like encryption or authentication.

We’ve seen more than a few vulnerabilities in assets over the past few years. And one big problem where the assets are concerned is that it’s far too easy for skilled hackers to commandeer a trailer’s diagnostic system. That’s because this same 1990s technology (trailer powerline networks) is still prominent on all trucks and trailers in North America since 2001. Fleets love to get decades’ worth of service out of their vehicles, and even in the 1990s truck manufacturers were doing an excellent job of building in quality that would stand the test of time. But cybersecurity wasn’t on the…

Source…

Truck hacking: a New Age road hazard


Speaker 1 (00:00):

This week’s 10-44 is brought to you by Chevron Delo 600 ADF ultra low ash diesel engine oil. It’s time to Kick Some Ash.

Jason Cannon (00:09):

Flat tires, fault codes, and now being hacked. These are the hazards of the new age highway.

Speaker 1 (00:15):

You’re watching CCJ’s 10-44, a weekly webisode that brings you the latest trucking industry news and updates from the editors of CCJ. Don’t forget to subscribe and hit the bell for notifications, so you’ll never miss an installment of 10-44.

Jason Cannon (00:29):

Hey, everybody, welcome back. I’m Jason Cannon and my co-host on the other side, as always, is Matt Cole. Hacking and cyber attacks are faceless strong-arm robberies. Internet pirates can shut down a carrier’s entire operation in a matter of minutes from thousands of miles away, but these incidents aren’t isolated just to back-office systems. Technology has granted sophisticated attackers a means into the truck itself.

Matt Cole (00:53):

All the new technology and connectivity within vehicles like tractor trailers not only makes vehicles smarter and improves efficiency, but it’s also a new attack vector for cyber criminals.

Jason Cannon (01:04):

Fleet Defender CEO and founder, Terry Reinert, joins the 10-44 this week. And while it sounds something like out of the Fast and Furious, he says the capabilities exist for cyber attackers to hijack a rig while it’s rolling down the road with the driver inside.

Terry Reinert (01:19):

So if you’ve got a satellite terminal, if you’ve got cellular modems, from part of your telematics, your ELD, or whatever else, so there’s different vectors in there. Even some of the more modern trucks, they’ve got upwards of seven or eight different wireless connectivity to the vehicle itself. But there’s other really interesting attack vectors against vehicles. Like the National Motor Freight Trucking Association, they released information about eight months ago on a vulnerability that would allow anybody with a small little software-defined radio, probably cost like 50 bucks down at the store, and an antenna, they could point the antenna at the truck, send the right RF signal, like the radio frequency signal, at the…

Source…

NMFTA cybersecurity conference will include a live truck hacking


Technology news and briefs for the week of July 9, 2023: 

Technology Shorts

 TriumphPay integrates with Trax Technologies

Transportation spend management platform Trax Technologies has formed a partnership with TriumphPay to allow Trax’s global freight audit solution to integrate with TriumphPay’s payments network for freight brokers, factors, shippers and carriers in the North American trucking industry.

The partnership is part of a minority equity investment by TBK Bank, SSB d/b/a TriumphPay into Trax, which provides software and services that help global shippers better manage the costs and emissions of their logistics networks.

Once the technical integration is complete, all payments made by Trax will be made via the TriumphPay network, providing automated payments, fraud protection, funds security and flexibility in the timing of payments for shippers and carriers across its Fortune 1000 customer base. 

NMFTA to host cybersecurity conference

The National Motor Freight Traffic Association (NMFTA) is set to host its annual Digital Solutions Conference October 22-25 in Houston, Texas. The event aims to educate anyone serving the LTL trucking industry about cyber threats as the industry moves toward digitization.

Major topics to be covered at this year’s conference include a review of the cyberthreat landscape facing the trucking industry; current tools and strategies for preventing truck hacking; explaining the IoT (Internet of Things) and how it can leave you vulnerable; how to build a culture of cybersecurity at your company; best practices in API security; exercises to test your company’s preparedness; understanding IT security and OT security; threats from the most basic of sources: email; and securing the right level of cybersecurity insurance to match your need and risk.

The event will kick off with a live truck-hacking demonstration. It includes a multitude of speakers, including cybersecurity experts from the FBI, the Cybersecurity and Infrastructure Security Agency, Microsoft, Peninsula Truck Lines and more. In addition, the United States Secret Service will make a presentation on cyber assets and cybercrime trends.

Digital River expands global logistics…

Source…

Red Truck Gallery Lawsuit: New Orleans Gallery Owner Fights Mortal Machine in Court – Miami New Times

Red Truck Gallery Lawsuit: New Orleans Gallery Owner Fights Mortal Machine in Court  Miami New Times
“HTTPS hijacking” – read more