Inside the Truck Cyber Threat – PlaxidityX Ep 21

Today's connected software defined cars are often referred to as code on wheels. If this is true, then the latest generation of commercial vehicles, including electric or e trucks and autonomous trucks should be called supercomputers on wheels. While an ever growing number of onboard and remote software systems can help trucking companies increase efficiency and improve safety, this connectivity also exposes trucks to cyber threats aimed at stealing sensitive data, tracking vehicle operations, or manipulating critical functions. The fact that commercial vehicles travel far longer distances and have a longer lifespan than a passenger vehicle further increases these risks. Consistent with these trends, the latest National Motor Freight Traffic Association trucking cybersecurity trends report named cybersecurity as one of the most pressing challenges for the trucking industry in 2025.

Cyber attacks on trucks carry a hefty price tag. This urgent need for cybersecurity reflects the exorbitant financial stakes of a cyber attack on trucks and other commercial vehicles. The average cost of a new class eight truck is more than $100,000, while zero emission trucks can cost upwards of $400,000. The cargo that these trucks are transporting may also be worth hundreds of thousands of dollars. The bottom line is that cyber enabled theft of commercial vehicles and their cargo carries a huge price tag.

Granted, it's much harder to break into and steal a semi trailer than a Honda Civic. But today's cyber thieves don't have to physically steal the truck to succeed. Since any disruption to trucking operations has a direct and potentially serious business impact, it's enough to hack and disable a vehicle and then demand a ransom from the fleet owner or the OEM to release the vehicle. While this type of ransomware attack wouldn't likely yield much money for a private car, the owner of a commercial vehicle loaded with $500,000 worth of perishable goods would probably be more likely to pay. A prolonged truck ransomware attack that shuts down an entire fleet for several weeks could even put some trucking companies out of business.

Broader attack surface than connected cars. The complexity and magnitude of connected systems, for example, fleet management in a commercial truck, many of which are required by local regulations, have created a broad attack surface for potential cyber threats. In some cases, transportation regulations mandate the installation of driver hours recording, ELDs, or electronic logging devices, and other telematics equipment. This third party equipment is often installed by fleet owners post production, such that these devices are not part of the OEM's cybersecurity control process and usually not part of the supply chain. This makes it difficult for OEMs to ensure cyber protection, further extending the attack surface.

The dangers of a truck hack. Similar to connected cars, new software vulnerabilities are emerging every day in the connected truck landscape. These vulnerabilities could be exploited by hackers to compromise a truck's safety related systems, for example in braking, steering, or for other control systems, or to access personal data. The sheer size and weight of a large commercial vehicle amplify the potential damage and danger of a hack that takes control over a truck's critical systems. Imagine the life threatening consequences of a high speed collision involving a 15 ton semi trailer or even worse, a truck of that size carrying dangerous chemicals.

Looking ahead to autonomous trucks, a well orchestrated hack could damage the logistics of an entire city. Consider a scenario where criminals or terrorists simultaneously stop or stall a few trucks on a bridge or critical highway junction. This could prevent, for example, first responders or law enforcement from accessing certain areas or vital infrastructure facilities. Data privacy is another major concern. Today's trucks generate and collect vast amounts of data, including sensitive business and personal data.

Hackers can exploit vulnerabilities to gain access to this data, from the kind of goods being transported by the truck in delivery schedules to personally identifiable information related to the driver. Hacking a truck's electronic logging device or ELD. Another possible hacking scenario unique to commercial trucks is to hack or disable an ELD. Depending on the country, regulations limit the maximum number of hours a driver can drive per day. These hours are logged automatically by an ELD.

Manipulating or disabling the ELD could allow drivers to cheat the system and log more hours in a given day. This type of fraudulent behavior, besides endangering public safety, could expose the fleet owner to legal actions and fines. Cybersecurity steps commercial truck manufacturers should consider. New automotive cybersecurity regulations and standards, such as UNR one fifty five and ISO twenty one four thirty four, are designed to protect connected passenger vehicles and trucks from cyber attacks and ensure vehicle safety. Unfortunately, based on what we have seen so far, these regulations set a relatively low security bar.

Checking the boxes to comply with the regulation is not enough as evidenced by the recent surge in vehicle cyber attacks. To protect their fleets from growing cyber threats, truck OEMs need to implement dedicated cybersecurity protection mechanisms. Based on experience implementing cybersecurity solutions for both passenger vehicles and trucks, here are some fundamental building blocks for such a strategy. Implement security by design. A security by design approach automates the integration of security practices at every phase of automotive software development, helping truck manufacturers strengthen security and shorten the development cycle.

Beginning with the architecture design phase, OEMs should conduct a threat analysis and risk assessment or TARA process to proactively identify potential threats and vulnerabilities prior to the actual coding. Implementing an automated TARA process helps OEMs improve quality and accelerate time to market while continuously updating the TARA over the truck's lifetime. Embed in vehicle IDPS protection. Advanced Automotive Specific Intrusion Detection and Prevention Systems, or IDPS for short, can help protect a truck's in vehicle networks and ECUS from cyber attacks. Automotive IDPS inspects in vehicle traffic in real time and detects anomalies based on predefined rules.

Suspicious traffic can be blocked in real time or sent to a cloud fleet monitoring security operations center for analysis and prevention. IDPS can be implemented to protect automotive Ethernet and CAN networks, as well as important connected host ECUs, such as telematic and infotainment. Perform penetration tests to find and address weaknesses. Penetration testing is a common technique for identifying vulnerabilities in vehicle software and hardware throughout the development life cycle. Truck OEMs should leverage automotive specific pen testing services and tools for ECU level and vehicle level testing, as well as code review.

Automated fuzz testing based on known automotive test cases can help OEMs discover zero day vulnerabilities and configuration errors early in the development phase. Scan for vulnerabilities. Detection and mitigation of vulnerabilities in vehicle software is critical for securing connected trucks and ensuring regulatory compliance. Vulnerability management tools must afford full visibility into the cybersecurity posture of all software components across the supply chain. These tools should support automatic extraction of the software billet materials from binaries including Autosar, Linux and Android as well as continuous scanning of files for known software vulnerabilities against public and private databases.

Set up a VSOC to monitor and protect the entire fleet. Many automotive truck OEMs are setting up dedicated vehicle SOCs or VSOCs to monitor, investigate, and respond to cyber attacks in real time. These VSOCs are typically powered by an XDR platform that collects and analyzes data being generated from millions of sensors and components across the vehicle fleet. Using advanced AI analytics, the technology analyzes the data, detects anomalies, and generates insights that enable rapid investigation and response by cyber analysts. That's all for today's episode.

Keep your engines running smooth and your cyber defenses sharp. Stay connected by subscribing and visiting Placidityx.com. Until next time, stay safe on the road and in the cloud.