Maureen McWhite, Doctoral Candidate, Doctor of Information Technology, Business Analyst at FedEx, discusses fleet connectivity challenges and truck hacking
Ahead of Connected Fleets USA 2019, we spoke with Maureen McWhite, Doctor of Information Technology Business Analyst at FedEx, on the cybersecurity risks facing the industry today, and ways in which fleet managers can mitigate these risks. Read the full interview below.
"BE PROACTIVE. DON'T WAIT UNTIL THE CYBERATTACK BECAUSE FRANKLY, THAT'S TOO LATE"
Maureen McWhite - FedEx
1. With connectivity becoming the norm in fleets, what can operators do to minimize cybersecurity risks while increasing their levels of connected technology?
Operators can minimize cybersecurity risks by asking manufacturers what cybersecurity measures were integrated during production. Information sharing is also important and operators should connect with Fleet CyWatch which sends notifications on cybersecurity awareness training, prevention, and mitigation methods.
2. What can you tell us about the development of cyber risks over the past few years?
Cyber risks over the past few years have increased, especially for the automotive industry. What was once considered to be something only seen in movies is now a present threat. As technology continues to evolve and the trucking industry incorporates autonomous vehicles into their fleets, vulnerability to cyberattacks will continue to be on the rise.
3. If there is one key thing fleet owners should be doing to protect their fleets, what is it?
Be proactive. Don’t wait unit the cyberattack because frankly, that’s too late. Here are just a few questions fleet owners can ask:
1) Do you have Business Continuity plans (BC) and Disaster Recovery plans (DR) in place?
2) When was the last time we tested the BC/DR plans?
3) Has everyone in my organization received cyber security awareness training?
4) Has the development team received specialized cyber security training?
5) Third party provider and offshore resources on their cyber security practices?
4. Do you think ELDs will pose a significant cyber threat to fleets? And if so, how?
I had an opportunity to dissect an ELD device. The one we worked on had several points of vulnerability at the CAN level. So do ELDs pose a significant cyber threat? Yes. The ELD device creates a bridge with the CAN. Should the ELD be comprised, vehicle safety will be at risk. Again, that is why it is important for Fleet operators to get involved with information sharing. NMFTA and FMCSA have researched many ELDs. This information can be helpful on which devices to purchase and what level of addition security will be needed.
5. How big of a threat do you believe ‘truck hacking’ is within the trucking industry?
I believe it’s a big threat. The systems that move our trucks contain valuable data and cargo. For example, a hacker can gain access to routes, schedules, and cargo descriptions. With this information they can sell it to other cyber criminals, use the information to determine how to hijack the truck to steal the cargo or smuggle illegal cargo, including people. This not only puts the driver at risk but society in general and produce catastrophic results for the fleet organization.
6. What aspect of Connected Fleets 2019 most excited you?
The aspect that most excited me is the opportunity the speak and interact with automakers, policymakers, and other industry experts. I am honored and humbled to be included. Other events I have spoken at were international for example in Singapore. Those events were not focused on trucking.