transportation cyber trends

ProMiles Cyber has discussed cyber threats and pressures on transportation for the last year. Developments in recent months continue to convey the urgency for transportation to continue pressing for more mature security controls. Given the impacts transportation has on the economy and critical infrastructure overall, it is no surprise that changes are looming.

The following are key points and opinions.

Rising Threat Landscape

By the close of 2023, successful cyber-attacks had surged by a staggering 36% compared to the previous year (1). Of these, it was found that 35% were due to malware, with ransomware being the primary weapon of choice. Direct exploitation of vulnerabilities accounted for a solid 18% of cases, and supply chain incidents made up the remaining 8%. The remaining 39% was a mix of other attack types. These figures note the severity of the threat landscape and the pressing need for continued discussion around risk minimization.

These incidents can impact anything from the shipment of goods to issues with systems that handle traffic management, meaning that the impacts of transportation cyber risks are far-reaching and deeply impact everything from local municipalities to our nation’s economy.

Federal Initiatives and Regulations

The Transportation Security Administration (TSA) is pushing for enhancing surface cyber risk management (CRM) in higher-risk freight railroads, passenger rail, and rail transit. A few key points from the new rule include measures to appoint a cybersecurity coordinator, report incidents to CISA within 24 hours, develop cybersecurity incident response plans, and conduct vulnerability assessments (2). These steps enhance the sector’s preparedness and resilience against cyber threats and pave the way for future discussions for rules that may creep into other areas of the transportation sector.

These discussions around enhancing CRM provide a starting point for broader rules in other areas and make it very clear the federal government will continue to push for additional rules/regulations until they feel risks have been pulled into an acceptable range.

Cybersecurity Standards and Compliance

More than just the United States is looking to impose cybersecurity regulations. For instance, the ISO 21434 standard and the UN R155 regulation mandate that new types of vehicles must be cyber-secure to be sold in the European Union. This has led automotive original equipment manufacturers (OEMs) and their suppliers to implement comprehensive cybersecurity measures covering the entire vehicle lifecycle, from development and penetration testing to supply chain security and ongoing vulnerability management (3).

We’ve seen guidelines for cab and supply chain security best practices for heavy vehicles, such as those put out by the Federal Motor Carrier Safety Administration (FMCSA) and the National Highway Traffic Safety Administration (NHTSA). These guidelines are typically a precursor to mandatory requirements (4)(5).

New Challenges

The biggest change in transportation over the last ten years is the interconnectedness between the cab and the back-office systems. The Verizon Mobile Security Index 2023 report, with Forrester data points, indicates that IoT, employee-owned, and company-owned mobile devices were the three most common targets in external attacks (6). Thinking about the transportation industry, specifically in the cabs of trucks, ELDs, employee phones, and company-provided tablets and other devices are all in a single cab connected to back-office systems at any given time. The report also indicates that due to organizational pressure, nearly 66% of respondents had to sacrifice mobile device security to “get the job done” (6). Mobile devices are a tough challenge for IT teams that must balance security, user experience, privacy, freedom, and cost.

These points highlight the need for a transportation industry-focused effort to address the threat landscape in mobile device security, ensuring that trucks do not become easy targets for threat actors who want to steal data from connected systems or damage the vehicle outright.

In Summary

The transportation industry should view cybersecurity as a safeguard against increasingly targeted threats. This would include adhering to existing regulations and standards and building a culture of continuous improvement and adaptation to emerging risks. Through proper risk management, the sector can better protect critical infrastructure, ensure the smooth operation of transportation systems, and maintain public trust and safety.

Proactive cybersecurity measures, compliance with evolving standards, and a commitment to resilience will be key to securing the future of transportation.

References

  1. 36% rise seen in cyberattacks on the Transportation Sector. Transport Advancement. https://www.transportadvancement.com/news/36-rise-seen-in-cyberattacks-on-the-transportation-sector/
  2. Enhancing Surface Cyber Risk Management. Transportation Security Administration [TSA]. https://www.regulations.gov/document/TSA-2022-0001-0001
  3. Cybersecurity threats in transportation industry call for greater systemic initiatives, as federal action continues to roll in. Industrial Cyber. https://industrialcyber.co/features/cybersecurity-threats-in-transportation-industry-call-for-greater-systemic-initiatives-as-federal-action-continues-to-roll-in/
  4. Cybersecurity Best Practices for the Safety of Modern Vehicles. NHTSA. https://www.nhtsa.gov/sites/nhtsa.gov/files/2022-09/cybersecurity-best-practices-safety-modern-vehicles-2022-tag.pdf
  5. Cybersecurity Best Practices for Integration/Retrofit of Telematics and Aftermarket Electronic Systems into Heavy Vehicles. https://www.fmcsa.dot.gov/research-and-analysis/technology/cybersecurity-best-practices-integrationretrofit-telematics-and
  6. Verizon Mobile Security Index Report 2023. https://www.verizon.com/business/resources/Ta10/reports/mobile-security-index-report.pdf

Related Post