Imagine: your fleet management team is planning routes for your fleet’s coming week when you receive a cryptic email. It’s from an unknown sender and says that your network has been compromised, your data has been stolen and the only way you’ll get it back is if you pay an exorbitant amount to the thief threatening you. You’ve become a new victim of ransomware, a common cyber-attack amid today’s complex transportation industry.
According to Security Magazine, the transportation industry is one of the most high-value targets for ransomware attacks. This is due to the critical role transportation and logistics companies play in the United States’ infrastructure, coupled with all of the technological advancements in the industry over the past several years. Criminals know that an attack could prevent the delivery of essentials like food for grocery stores, feed for livestock, fuel for gas stations, medical supplies to a hospital and more.
Ryan Johnson, Director of Cybersecurity for Trimble, points out that, “Unlike the defense and financial industries, which have been investing significant resources in combating cybersecurity attacks for decades, the transportation sector is weaker in this area and thus an easier target for malicious actors.”
IBM’s annual Cost of a Data Breach report found that in 2022, the average cost of a data breach in the United States was $9.44 million. Plus, they’re becoming more expensive: data breach costs surged 13 percent from 2020 to 2022. Organizations that act quickly and have disaster recovery and business continuity plans in place can save millions compared to companies that aren’t prepared. And while it’s unfortunate, the report also states that for many companies, it’s not if a data breach will happen, but when.
What Can Be Done to Protect My Network?
According to CyberTalk.org, between June 2020 and June 2021, the transportation industry witnessed a 186% increase in weekly ransomware attacks. The good news is that there are steps transportation companies can take to proactively mitigate cyber-attack risks. Understanding the risks, where a company may be vulnerable and what to do if a breach happens are all important first steps.
A ransomware attack happens when a cybercriminal gains access via an email or text phishing scheme, and then encrypts or blocks the victim from accessing their own data without paying a ransom. This happened in the case of Colonial Pipeline in 2021. Hackers were able to access the company’s billing infrastructure, forcing Colonial to shut down the pipeline and gas stations across the East Coast. After paying $4.4 million to the hackers, Colonial was able to resume operations.
More specifically relevant to the transportation industry, in 2018 and again in late 2021, a transportation trucking company was targeted by a ransomware gang. The group — a so-called “ransomware as a service” provider — supplied malware, an extortion platform and support to affiliate criminals, who then received a percentage of the payments made by victims. This ransomware gang has been linked to hundreds of attacks, including multiple U.S. transportation and logistics companies. It’s estimated that each of this gang’s ransomware attacks can cost a company upwards of $10 million.
But companies that move their network infrastructure to a SaaS (Software as a Service) or cloud-based platform are better able to proactively combat a potential cyber-attack by entrusting complex systems to trusted partners. A SaaS solution allows companies to host their applications in the cloud, or remotely, rather than in their own on-premise servers, which can often need a great deal of ongoing maintenance to keep updated and secure.
NFI Industries, for instance, is a longtime Trimble customer that uses Trimble’s cloud-hosted TMW.Suite Transportation Management System (TMS). “While we’re working on a lot of security initiatives, it was extremely appealing to know that we can rely on (Trimble and Microsoft) resources who are solely focused and educated to make sure our data is protected and our environment is protected,” said Scott Nelson, vice president of IT client services for NFI, in a recent case study. “They have a disaster recovery solution that, should something ever get compromised, enables us to do a cutover very quickly.”
Additional benefits of moving to a cloud-based system include:
- Increased Situational Awareness: Hosting data and operations in SaaS or cloud-based solutions allows companies to isolate and proactively protect important resources, know who is accessing what at all times, and have a 24x7x365 Security Operations Center receive alerts of malicious activity.
- Due Diligence: Working with a trusted partner via a cloud-based solution provides the ability to anticipate and address vulnerabilities across a company’s network. A cloud-based system, such as Azure's Automation Update Management capability, can apply security patches in a timely manner.
- Reduced Expenses: On-premise hosting can be costly and require cybersecurity insurance. Not to mention if there is IT employee turnover, a company may be at risk. Additionally, the entire transportation industry has been experiencing a shortage of qualified employees, IT employees included. By working with a trusted partner, companies don’t need to do as much recruiting to fill these positions.
“It is becoming increasingly difficult to recruit and retain IT talent,” Nelson explained. “One of the first things I observed after our move (to working with Trimble) was that the amount of knowledgeable resources available to manage and support our environment increased significantly. My prior concerns of having a small handful of NFI resources who were in a position to administer and maintain our environment is no longer something that keeps me up at night. Now we have the full Trimble bench of resources that can assist as needed.”
Security Benefits of Trimble’s Transportation Cloud and Microsoft Azure
Microsoft Azure is a cloud-based platform that offers users access, management and development of applications and services and forms the backbone of Trimble’s Transportation Cloud. Trimble’s suite of TMS products that utilize the data stored in Trimble’s Transportation Cloud are integrated with Microsoft’s Azure platform, putting the security of customers in the hands of experts who utilize the most up-to-date technology 24 hours a day, seven days a week, 365 days a year.
Some of the features and benefits provided through Azure include:
- Backup and recovery capabilities at Azure's data centers globally
- Extensive security protocols mean there’s very little chance of ransomware appearing
- Less capital cost for hardware or server rooms, cooling systems, space for server racks, and miscellaneous equipment required for a modern IT infrastructure
- Lower costs for IT personnel and software licenses
- Flexibility to business cycles and scalability for responsiveness, including the ability to scale servers up or down as needed to handle workload volumes
- 24/7 support from integrated solution and Infrastructure-as-a-Service (IaaS) provider teams with expertise in the latest technologies
Trimble’s platform is SOC 2 Type 2 and ISO 27001 compliant, as certified by third-party security review organizations. Both designations indicate that Trimble’s Transportation Cloud has passed a rigorous audit designed to detect if there are any vulnerabilities in the platform’s administrative and technical security controls. As a matter of course, we scan everything for vulnerabilities and viruses, encrypt all data where possible, logins and backups, maintain Active Directory to manage users as well as multi-factor authentication protections. Plus, our Security Operations Center operates 24x7x365, with an on-call crisis management of executives, forensics specialists, security engineers and data architects.
There’s No Avoiding Cyber Risks
Cyber attacks will always pose a risk for companies of any size and of course there are proactive steps a business can take to reduce those risks. But third party solution providers help minimize risk and disruptions in ways most businesses are unable to do themselves. SaaS and cloud solution providers take on the responsibility of security, so transportation companies can focus on keeping their trucks on the road, maximizing revenue and focusing on the core pillars of their business.
“If a company feels that making the transition from on-prem to a SaaS based solution isn’t for them, then I suggest taking a second look,” Johnson adds. “Transportation and logistics solution providers like Trimble are in the business of security. So, they recruit top talent, conduct annual security trainings, backup critical business data to the highest standard, invest in endpoint detection and response technologies, and are subject to independent, annual security assessments.”
Still, while working with trusted partners and utilizing the latest cloud-based technology is important, the Cybersecurity & Infrastructure Security Agency reminds companies that even the best security solutions are only as effective as the business’s security team is vigilant. Should a risk become a problem, there’s no substitute for a dedicated team member within a company working proactively to combat attacks and ready to implement a crisis plan if needed.
To learn how Trimble Transportation solutions can help protect your company, contact us to discuss your business and arrange a demo.