Reports: FBI warns trucking of potential ELD hackers

The Federal Bureau of Investigation (FBI) has issued an advisory on cyber risks associated electronic logging devices (ELDs) after determining the devices “did little or nothing” to ensure against data breaches, according to media reports.

The advisory – a copy of which has been circulated among various media – follows best-practices advice from private industry warning on the potential security vulnerability of ELDs and other technology that has the potential to cause severe financial damage to companies within the trucking sector, including carriers and brokers.

An FBI spokesperson told FreightWaves that the agency does not comment on notices provided to its private industry partners, or on whether the FBI has detected recent activity on cyber threats to the industry.

The spokesperson did confirm, however, that in furtherance of its partnerships, “the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations. This data is provided in order to help systems administrators guard against the actions of persistent cyber actors.”

The advisory cited “industry and academic research” that looked at a sample of ELDs that could be purchased off-the-shelf at retail stores or supplied directly by ELD manufacturers.

“Researchers demonstrated the potential for malicious activity to remotely compromise the ELDs and send instructions to vehicle components to cause the vehicle to behave in unexpected and unwanted ways,” the advisory stated.

It noted that although ELDs are only intended to allow data to be logged from the engine, “in practice some self-certified ELDs allow commands to be sent to the truck engine via their connection to the ECM. Commands passed into the vehicle network through an ELD could affect functions such as vehicle controls and the accuracy of the console display.”

The notice further cautioned that ELDs using more advanced telematics functions that are able to connect to shipment tracking or dispatching can lead to widespread access to the company’s business functions.

“Cyber criminals interested in stealing data such as personal information, business and financial records, location history and vehicle tracking or other proprietary data such as lists of customers and cargo can use vulnerabilities in ELDs as a way in to access trucking companies’ enterprise networks and databases,” the advisory warns.

“With that access, financially motivated cyber criminals would also be positioned to install malware such as ransomware, preventing the ELD, the vehicle or connected telematics services such as dispatching or shipment tracking from operating until the ransom is paid.”

In November last year, thousands of drivers had to resort to paper logs after ELD supplier Omnitracs suffered an outage caused by a telematics glitch. It was not confirmed, however, if the incident was a direct result of a cybersecurity breach.

While not attributed directly to ELDs, truck brokers – and by extension their carrier customers – have been particularly susceptible to ransomware attacks. Late last year confirmed that ransomware caused a weeklong outage that affected sites including load board and online carrier safety vetting.

Total Quality Logistics (TQL), one of the country’s largest privately held freight brokers, notified carriers in February that external hackers had breached the company’s IT systems and may have gained access to customer business information. The data breach led to lawsuits filed against the company and employees being fired.

The FBI recommended, among other things, that carriers contact the manufacturer or supplier of the ELD and ask about its cybersecurity before installing it.

“When contacting suppliers, seek specific and detailed information regarding the security of the entire ELD solution. Because ELDs can include a combination of in-vehicle, communications link, user interface and cloud back-end systems, the supplier should be asked for details that address the cybersecurity of all functions and components.”

The agency also recommended trucking companies follow guidance issued by the Federal Motor Carrier Safety Administration in May, Cybersecurity Best Practices for Integration/Retrofit of Telematics and Aftermarket Electronic Systems.

Related articles:

Click for more FreightWaves articles by John Gallagher