In this era of ever-increasing digitalization across the trucking industry, fleets continue to adopt sophisticated technologies—from electronic logging devices (ELDs) and telematics, to dashcams, to internet of things (IoT) devices throughout terminals and office locations—to enhance efficiency and safety. However, many of these innovations come with unseen cybersecurity risks, and in the case of Chinese-made products and components, potential national security implications.
Global supply chains and geopolitical tensions combine to elevate the risk profile of Chinese-made electronics in critical infrastructure sectors like transportation. U.S. regulators, such as the Federal Communications Commission (FCC) and the Department of Commerce (DOC), are already actively restricting procurement of telecommunications and surveillance devices from manufacturers such as Huawei, ZTE, Hikvision, and Dahua. These measures indicate the credible threat that the presence of such devices in our infrastructure can pose.
The transportation sector at large, and specifically the trucking industry, has several unique technologies that pose additional risks when procured from Chinese-based or affiliated entities: Ship to shore cranes, telematics and ELD devices, dash cameras, and asset tracking devices to name a few. While there have been limited instances of specific manufacturers of these devices being placed on federal trade blacklists thus far, there is a growing consensus that just as Salt Typhoon and other Chinese Advanced Persistent Threat (APT) actors have infiltrated our telecommunications infrastructure, Chinese state-backed efforts to infiltrate our transportation sector are also occurring.
The NMFTA cybersecurity team has been researching this risk over the last year, beginning with a report on ZPMC’s port cranes in 2024, and continuing to widen the aperture to include network hardware, security and surveillance systems, asset tracking, and telematics devices and ELDs in a report published this month. This was even the topic of our August 14no-charge webinar featuring our director of cybersecurity, Artie Crawford, and cybersecurity principal engineer, Ben Wilkens. The webinar focused on outlining the scope and scale of this issue and laying the groundwork for how the trucking industry can begin to identify and remediate the security risks that devices and components of Chinese origin present, specifically through changes to procurement decision making processes.
While price always matters, it is critical that procurement decisions include security and supply chain stability along with pricing. While many Chinese devices and components are financially appealing due to their lower price-points and are often readily available in volume, dependence on these devices in an organization can present both security concerns due to direct cybersecurity vulnerabilities or data exposure to PRC controlled entities and indirect risk of increased financial exposure in the event that a device or entity ends up on a federal restriction list and must be “ripped and replaced,” or the supplier cuts off access to a product due to geopolitical or trade issues.
NMFTA will be continuing to research this threat and all other cybersecurity threats to the trucking industry and to share our findings. Come be part of the conversation! Join us in Austin, TX from October 26-28 for hands-on training, expert presentations, and the chance to network with cybersecurity-conscious peers in the trucking industry.
Seats are filling up fast, so grab your registration soon: www.nmftacyber.com.
