Ensuring the Cybersecurity of Electronic Logging Devices: A Call to Action from Colorado State University Researchers

In a recent study conducted by researchers from Colorado State University, Electronic Logging Devices (ELDs) have been identified as significant cybersecurity threat vectors. The urgency of enhancing the security measures of these devices has become evident, according to the findings presented by Jake Jepson, Rik Chatterjee, and Jeremy Daily in their February publication.

The team has discovered several vulnerabilities within ELD systems that could potentially allow unauthorized control over vehicle systems and data, posing the risk of extensive disruptions across fleet operations.

This revelation underscores the necessity for heightened awareness among product designers, programmers, engineers, and consumers regarding these vulnerabilities, as well as the importance of fostering the development of more secure ELDs.

With an estimated 14 million medium- and heavy-duty trucks operating in the United States, many of which are mandated to use ELDs to monitor driving time and ensure compliance with hours-of-service regulations, the security of these devices is paramount. ELDs collect data by interfacing with a vehicle’s engine control module via the vehicle network, a process that has now been shown to be susceptible to cyber-attacks.

One of the primary concerns highlighted by the researchers is the threat posed by “truck-to-truck worms,” which are self-replicating malware capable of autonomously spreading across a network. Traditionally, such malware has targeted computer network systems, but the increased connectivity of modern vehicle systems makes ELDs vulnerable to similar attacks.

The paper elaborates on the risks, stating, “Each system by itself may not have cybersecurity concerns; the truck without an ELD does not have a wireless connection, and the ELD by itself cannot command a truck. The heavy truck acts as a dynamic operational platform, encompassing various mechanical and electronic components, while the ELD serves as a mandated interface for data logging, regulatory compliance, and potentially, vehicle control.”

An attack could be initiated by compromising a single device through methods such as drive-by attacks or by targeting locations frequented by truck drivers, including truck stops, distribution centers, or ports.

Once compromised, malicious firmware can spread to similar devices via Wi-Fi, Bluetooth, or cellular networks. The researchers noted that even in a crowded parking lot, a connection could be established up to approximately 120 feet away, enabling the spread of malware across multiple vehicles.

To mitigate these cybersecurity risks, the researchers recommend several measures to strengthen the security of ELDs:

  • Enhancing default security settings: Ensuring that devices are configured with robust security protocols from the outset.
  • Implementing high-entropy passwords: Using complex, difficult-to-guess passwords to prevent unauthorized access.
  • Utilizing a secure firmware signing mechanism: Verifying the authenticity of firmware updates to protect against malicious modifications.
  • Eliminating unnecessary API features: Reducing the attack surface by disabling features that are not essential to the device’s primary functions.

The findings from Colorado State University’s research highlight the critical need for concerted efforts to secure ELDs against potential cyber threats, ensuring the safety and reliability of the nation’s trucking infrastructure.

If you have any further questions on your Cyber Security posture or anything regarding Cyber Security please reach out to our Cyber team at cyber@veroot.com.
