9 Ways to Protect Forklift Scales from Cyberattacks

NMFTA - September 25, 2023

Editor’s Note: At NMFTA’s Spring Weighing and Research Advisory Council Meeting in Clearwater Beach, FL, a group of presenters joined to discuss insight about cybersecurity measures for forklift-mounted scales. This was outstanding information and those who attended that meeting came away with valuable insight. We have developed this article from that presentation so you can also benefit from these insights.

Forklift-mounted scales represent a tremendous convenience in the material-handling industry, and that certainly includes LTL trucking carriers. The basic proposition is simple: Why take your material to a scale to be weighed, when you can mount a scale where you’ll be putting the material anyway–on a forklift–and save yourself a step?

There is little downside to a forklift-mounted scale itself. But like so many other assets in the logistics industry, the connectivity of such a device puts it at risk of cyberattacks if users don’t understand how to mitigate those risks.

A forklift-mounted scale comes with a scale indicator or a scale monitor. It’s the monitor you look at to tell you the weight of your item. And the monitor is typically connected to the dock via Wi-Fi. Guess what is also connected via Wi-Fi: The entire dock network, which connects to the dock management system.

This can also be connected to various PCs on the dock, as well as the AS/400 operating systems that are still widely in use in such operations. Often a user with a tablet can scan a barcode from the monitor and get the information he or she needs about the weight of the material on the forklift. This is also Wi-Fi-enabled, and the whole thing connects to the cloud.

If a cyberattacker targets the forklift-mounted scales, he or she could be in an excellent position to breach and compromise the entire network and operating system of the warehouse.

It’s easy to see how an attacker would be motivated to try this. It’s technically feasible and would have a significant impact on the business being targeted. An attacker might lick his lips at the thought of ransoming the distribution management system, the vendor datastore, the SQL server, the transportation management system, the AS/400 system, or the scale monitor.

Just imagine the impact if the attacker was able to get access to the company’s bills of lading. He could do a competitive analysis. If he’s a bit more nefarious in his motives, he could steal the cargo. And if he’s the worst of the worst, he could hold the data for ransom.

This is a real threat, but it doesn’t have to be a problem for you – not if you know how to protect yourself.

Here are some critical insights to help you protect your operation from cyberattackers who target forklift scales:

  • Be careful of unusual devices plugged into the scale or the forklift. They might even be disguised as a phone charger. But if it’s not one of yours, it could be a wireless monitor/capture/relay device. And it could be sending signals to listeners outside in your parking lot or on a hillside.
  • Don’t plug your phone into a USB port on the scale or forklift to charge it. That introduces a potential tether, which can leave the whole system vulnerable.
  • Hidden network adapters and thumb drives can serve as USB connection points. As crude as it seems, cyberhackers have gotten into systems by simply dropping a USB thumb drive on the floor of the shop, or in the parking lot, then waiting for someone to pick it up, plug it in to a USB port and see what’s on it. As soon as someone does that, the hackers are in.
  • Be sure to secure the Wi-Fi router and any other device that’s connected to the forklift scale via the Internet of Things. If a hacker can get in through an open front door like this, he will take it every time.
  • Added devices to the dock’s ethernet, or to the dock’s Wi-Fi, can also cause vulnerabilities. Be sure to exercise tight controls on any devices that are connected to your ethernet or Wi-Fi, and be sure they are completely secure before the connection is made.
  • Ensure your software vendors have a robust patching process for your operating system, or at least that you’ve got someone in-house who is qualified to do the patching.
  • Control remote access by adding temporary firewalls, as well as a human process to prevent anyone from accessing your network without authorization. Also, if you are giving vendors access to your system, don’t allow them to reuse passwords that have been used on other systems.
  • Don’t trust inputs to your SQL server. Sanitize everything before it can get in.
  • Restrict AS/400 green screen sessions.

Forklift scales are a great innovation. They save time and money while helping you run more precise and accurate warehouse operations. But like anything else in the digital world, they are vulnerable to compromise if their users don’t know how to protect them.

If you keep this article handy, you will be one of the users who knows exactly what to do.

And if you thought this article was worthwhile and are interested in joining us for future Weighing and Research Advisory Council Meetings, one of which is happening October 17-19, 2023, in San Antonio, TX, connect with marketing@nmfta.org.  

NMFTA
NMFTA

The National Motor Freight Traffic Association promotes, advances, and improves the welfare and interests of the motor carrier industry and less than truckload carriers operating in commerce, both domestically and/or internationally.