Did you know the first cyberattack in the espionage field happened in 1986? It was called the Cuckoo’s Egg and involved the Soviet KGB. And while the network of computers in the United States at the time was nothing like what we have now, the methods used by the hacker in that attack are still studied in the field today.
Additionally, did you know the first large-scale cyberattack in the United States was the Morris Worm? This happened in 1988 and affected 6,000 computers in the U.S. – which was 10 percent of the Internet as it existed at the time. The damage estimate was as high as $10 million.
So that leads us to, what exactly is cyber warfare?
There is no single definition, and truly understanding the landscape of cyber warfare requires us to have some appreciation of its history.
During NMFTA’s recent webinar, Eitan Richman – an Israeli operations specialist who is familiar not only with the world of independent and corporate hackers, but also with the cyber warfare conducted by nation-states – offered a thorough assessment of the current cyber warfare landscape.
Cyber warfare might be defined as any attempt to collect, disrupt, deny, degrade or destroy information system resources – or the information itself. According to Richman, those making the threats can be doing so from a variety of different motivations, including:
The goal is usually payment or impact, and tactics to achieve the goal can include data theft, public humiliation or system down time.
Richman explained that several nations engage in cyber warfare for their own purposes. China and Russia have done so in recent years, sometimes for financial reasons but, in the case of China, for military espionage, and in the case of Russia, for ideological aims.
North Korea also engages in cyber warfare, Richman said, always in pursuit of financial gain.
Iran launched a very specific attack on Israel, hoping to contaminate Israel’s residential water supply by telling its water system to add excessive amounts of chlorine to it. (Fortunately this did not succeed.)
Recognizing the seriousness of such threats, the United States and Israel also engage in cyber warfare for defensive purposes. The two allies launched an attack on Iran in 2010 called the Stuxnet Worm, which was designed to activate only if it engaged with an Iranian military system.
With all this as background, Richman brought it home to share with attendees the real-life impacts for the trucking industry. The issues most critical to keep an eye on, he said, are:
Integration of virtual infrastructure in transportation. The Internet of Things (IoT) refers to the interconnectivity of devices. While the IoT helps make transportation operations more efficient and makes our roads safer through things like smart traffic management, it also makes systems more complex and thus more difficult to defend. Even cars, he said, now have as many as 50 computers integrated with, and controlling, many of the cars’ mechanisms. The trucking industry needs to understand how these new complexities make it vulnerable.
Potential risks and threats in transportation and the supply chain. TMX Global estimates that global supply chain delays cause $15.63 billion in lost revenue every year. Cybersecurity is critical to avoiding such delays. Consider that, when a company is the target of a ransomware attack, its average downtime is 22 days. If that starts happening on a widespread basis in the trucking industry, the impact on supply chains will be catastrophic.
Finally, Richman shared case studies about some specific attacks. These included a recent attack on the City of Dallas, in which a ransomware group calling itself Royal shut down the Dallas Fire Department’s dispatching software – forcing the department to rely on old-school radios and smartphone GPS.
He also informed the group of the 2021 attack on Colonial Pipeline, which halted all operations and resulted in Colonial Pipeline paying the attackers a $4.4 million ransom in return for its functionality and data being returned. Shortly after this attack, gas prices rose to their highest levels in seven years.
Richman concluded the presentation by emphasizing that increased dependence on technology in our daily routines heightens the risk in the cyber landscape. That becomes even more serious when digital systems are integrated with mechanical equipment, which then becomes a target for attackers.
The only solution is to be vigilant and learn all you can about how to protect your assets and your enterprise.
If you missed the webinar, you can watch it here.
If you’d like to attend NMFTA’s Digital Security Conference, you can sign up here.
The National Motor Freight Traffic Association promotes, advances, and improves the welfare and interests of the motor carrier industry and less than truckload carriers operating in commerce, both domestically and/or internationally.