The National Motor Freight Traffic Association (NMFTA) releases the first edition of the 2024 Trucking Cybersecurity Trends Report. As the trucking industry continues to experience cybersecurity threats that evolve as time progresses, this report helps the supply chain industry stay ahead of this well-known disruption with industry knowledge, tools and resources to become proactive against the next threat.
“Last year, the industry was directly faced with an aggressively evolving cybersecurity environment,” says Antwan Banks, director of enterprise security for NMFTA. “Industry leaders and newcomers alike were reminded of the very real possibility that the next cyberattack could be lurking behind their door. Trucking companies experienced attacks that disrupted their operations, but thanks to having the proper partnerships established to come in and handle such occurrences, they were able to rebound rather swiftly. We’ve found that this is not always the case with companies, which is why we urge the industry to take the matter seriously and establish the proper procedures in advance to be prepared for not if it happens, but rather when it happens.”
- As technology continues to evolve across the supply chain landscape, improving the day-to-day work functions of industry professionals, so does the potential for these technological advancements to be compromised. According to a Forrester report, as many as 60% of workers engage in bring-your-own-AI (BYOAI) as their employers likely lack the tools internally but still want employees to leverage them. This protocol alone has the potential to bring about serious security vulnerabilities.
- Approximately 90% of hacks occur through phishing and misconfigured networks/devices. Hackers frequently use phishing scams to gain access to a carrier’s enterprise system, and once accessed, ransomware attacks are launched. In this report, NMFTA also called out several concerning application programming interface (API) security examples, such as the vulnerability of old, deprecated APIs known as Zombie APIs.
- The organization will continue to focus on API security on both the host and mobile side. While almost all trucking companies have host-side integration, which is a critical part of the workflow plan, mobile-side integration and telematics providers also play a crucial role throughout the supply chain.
- Another key focus for 2024 is a technique called vishing, surprisingly one of the very first forms of hacking, which is expected to increase as the year progresses. This is when a scammer calls a person pretending to be a reputable company or organization or even a co-worker (someone’s boss). These situations usually involve the individual urging the recipient of the call to provide personal or sensitive data and, at times, a request to send money to a fraudulent account.