The Cyber Threat Landscape in the Trucking Industry
As a key stakeholder in the commercial transportation security and research program, NMFTA works to educate the transportation industry on potential cyber threats to connected commercial fleets. In 2018, transportation became the nation's second-most attacked critical infrastructure area, and it's still a primary target today. The trucking industry has become a top target of ransomware attacks, and many are now leveraging AI to engage in more sophisticated threats.
At NMFTA's Manifest 2024 Panel, CISA Cybersecurity Advisor Donald Hester stated that "Social engineering is probably the number one attack vector for threat actors [...] You have to augment social engineering and understand that...threat actors are now using AI. So that's a huge threat we have to look at."
According to the Department of Homeland Security's (DHS) Cybersecurity Infrastructure Security Agency CISA Insights - Ransomware Outbreak, "Ransomware has rapidly emerged as the most visible cybersecurity risk playing out across our nation's networks, locking up private sector organizations and government agencies alike. ... We strongly urge you to consider ransomware infections as destructive attacks, not an event where you can simply pay off the bad guys and regain control of your network (do you really trust a cybercriminal?)."
Useful Resources
Listed below are some of the free resources available to the public some of which are referenced in the Ransomware playbook.
The 18 Critical Security Controls to protect your networks
Free Cybersecurity Courses offered by the Federal Virtual Training Environment (FedVTE)
Cybersecurity and Infrastructure Security Agency (CISA) Resources:
- Ransomware Guidance and Resources is a one stop destination for ransomware resources and guidance from the Cybersecurity and Infrastructure Security Agency (CISA) department of the US Department of Homeland Security
- Issued December 18, 2023: The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) published a joint Cybersecurity Advisory on Play Ransomware
- Issued October 27, 2023: CISA Announces New Release of Logging Made Easy
- Issued October 24, 2023: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog
- Issued October 19, 2023: CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated version of the joint #StopRansomware Guide
- Issued October 18, 2023: CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide: Phishing Guidance: Stopping the Attack Cycle at Phase One
- October 10, 2023: CISA and the National Security Agency (NSA) published: Identity and Access Management: Developer and Vendor Challenges
- Incident Response Training
- Guidance for Corporate Leaders and CEO
- Message to Cyber Leaders
- Message to Staff Users
- Cyber Essentials Toolkit FOR What Makes You Operational)
- Cyber Essentials Toolkit FOR Your Surroundings, The Digital Workplace
- Cyber Essentials Toolkit FOR Your Data, What The Business Is Built On
- Cyber Essentials Your Crisis Response
- #StopRansomware: Play Ransomware
US FBI Bulletins This is one of the few places that you can find US FBI Private Industry Notifications (PIN) and FBI FLASH messages posted on a public site
NMFTA Ransomware Top 10 Defensive Tips provides you with our top 10 tips on how to protect your company against ransomware. While nothing is absolutely certain, following these 10 steps should help you prepare and defend against ransomware.
IOActive Threat modeling is a technique for identifying potential issues and rating their risk. Gaining a risk picture for individual systems across the organization affords a solid basis for making risk-based, data-driven strategic decisions. Threat modeling is security culture accelerator. It helps organizations proactively prepare for security challenges, build defenses, and constructively prioritize security needs.
FireEye report: Ransomware Protection and Containment Strategies
FBI: Ransomware Prevention and Response for CISOs
Center for Internet Security (CIS): 7 Steps to Help Prevent & Limit the Impact of Ransomware
