The cybersecurity team at the National Motor Freight Traffic Association, Inc. (NMFTA) is wasting no time looking ahead to 2025, gearing up to tackle the biggest threats facing the trucking industry in our increasingly digital world, and identifying the most effective solutions to stay ahead of the curve.
Currently, the team is crafting bold predictions and recommended strategies for the year ahead, much of which we covered extensively during our sold-out, three-day Cybersecurity Conference in Cleveland, Ohio. If you missed the conference, you missed a remarkable gathering of top cybersecurity and trucking experts. Attendees left with invaluable insights that are set to transform the industry's approach to cyber threats, highlighting the critical intersection of technology and freight security.
Looking ahead to Nov. 14, we’re hosting a must-attend webinar focused entirely on emerging cybersecurity challenges in the trucking industry. I’ll be joined by Artie Crawford, our director of cybersecurity, Ben Wilkens our cybersecurity principal engineer, and Anne Zachos, our cybersecurity research engineer.
We’ll dive deep into key trends affecting supply chains, including ransomware as a service (RaaS) and the tactics and techniques used by persistent threat actors. We’ll also cover cybersecurity from both the physical asset side (Class 8 vehicles and telematics systems) and the enterprise side.
Next up, on Nov. 15, we’re releasing a comprehensive whitepaper that breaks down all these issues in detail.
As the team prepares for the webinar, I can share a few of the emerging issues they’re keeping a close eye on for 2025:
Cyber-enabled cargo theft
We’ve covered this before in this space, but it’s an issue that continues to evolve. No longer do thieves wait in the dark behind truck stops and break into trailers, hoping to find fast-selling items like TVs and stereos. Now they compromise the credentials of shippers, brokers, and carriers, and find out exactly what’s in the truck, then redirect the trucks to insecure locations where they can make off with the loot.You might be surprised to know that one of the most popular items for cargo thieves is crab meat. It’s easy to pilfer, it’s not serialized, and they can sell it on the black market for $5 a pound compared to the legitimate market rate of around $12 a pound. This is what happens when the thieves know exactly what’s being shipped and how to commandeer the shipment.
AI-enabled exploit windows
This one is highly relevant to carriers. When a company like Microsoft announces a vulnerability in a product like Microsoft Edge, the imperative for all involved is to patch it. Most companies know that, but many don’t get around to the actual patching right away. Sometimes they take a few days. Sometimes they take a week. They should do it right away. But many do not, and the bad guys know that.AI now makes it quicker and easier to create traps that take advantage of vulnerability windows like this. As one example, hackers can use AI to generate “poison” documents that appear to be from a carrier, and they push those documents to the top of search engine optimization (SEO) listings. An unsuspecting party downloads the document, fills it out and unwittingly embeds their system with malware. Worse, the malware might sit there for months before it’s exploited. And this all happened because AI made it possible to take advantage of that vulnerability window.
Zero Trust, but for real
We have spoken extensively about Zero Trust over the course of the past year, with the idea that no one gets access to your data without multi-factor authentication (MFA) every time they want in. The response of most of our industry was to read about this topic, conclude that it is too hard to do, and abandon the whole idea. You can imagine what that produced. So now the entire industry appears to be serious about Zero Trust. And we’ll be digging more into that.API and IOT security
These are not new topics, but they continue to grow in importance as these issues further permeate the industry.Privacy and related regulation
As privacy concerns heighten, we are seeing a renewed appetite for regulations to address the concern. The team is watching this closely as well.These are just some of the topics to be discussed in the webinar, and addressed in the accompanying whitepaper.
Cyber threats aren’t going anywhere, and the trucking industry remains uniquely vulnerable. If the industry takes any kind of significant hit, the impact on the entire economy could be dire.
Keep up on these issues. This webinar and whitepaper are great places to start as we gear up for 2025.
