Fleets Must Act to Prevent Ransomware Attacks

Sep 7, 2022


Cybersecurity Priorities in the Pandemic Age

Ransomware and other cybersecurity threats show no sign of slowing down. In 2021, there was an 82% rise in ransomware-related data leaks, according to a CrowdStrike intelligence report.

Trucking companies already face plenty of challenges, such as driver retention and fuel costs. A ransomware attack that locks crucial systems behind encryption is a challenge that’s best avoided. Prevention is always the best cure for cyberattacks.

Part of the rise in ransomware can be attributed to disruptions created by the pandemic. Working from home and hybrid work models have become the de facto approach. IT teams quickly rose to the challenge of enabling remote work, and they must continue to adapt to secure systems.

The FBI reported a total of $6.9 billion in losses due to cybercrime in 2021—a 7% rise year-over-year. Fleets must understand the growing threat of cyberattacks and act now to prevent ransomware and other types of intrusions.

Webinar: Ramping up Your Cybersecurity Efforts

Ransomware declared a national security issue

In 2021, ransomware attacks that exploited flaws in widely used software from vendors such as Kaseya, SolarWinds, and Microsoft affected many companies and saw record-breaking ransomware payments made to state-sponsored cybercriminal groups. This includes a $70 million ransom demand from the “REvil” gang that created a Ransomware-as-a-Service (RaaS) ring.

Attacks on U.S. infrastructure and government agencies prompted the White House to treat ransomware as a matter of national security. The U.S. government decided to establish new mechanisms to address the threat. Plans include new funding to support ransomware response, a mandate for organizations to report incidents, and to consider the alternatives before paying a ransom.

A recent survey by UpCity revealed that 50% of small and midsize businesses have a cybersecurity plan. Fleets without an updated plan must act now to improve short-term and long-term cybersecurity.

How can trucking companies protect against ransomware?

A strong defense against cyberattacks requires a fleet-wide commitment to digital security. Some measures can be adopted quickly, while others require long-term planning and a greater investment in cybersecurity resources.

Deploy quick stopgap measures right now

Start with stopgap measures and quick wins that can be implemented immediately to improve security. Examples of easy-to-deploy security measures include:

  • Revise existing cyber risk guidelines and requirements.
  • Set up two-factor authentication and strong password policies.
  • Establish a security culture with regular training.
  • Control how employees access data and use the company network.
  • Govern how employees communicate over the company network.

Develop a comprehensive long-term cyber strategy

Start to review your current technology stack and security infrastructure as soon as possible. Some changes may take years to implement, while other improvements will be accomplished in a shorter timeframe.

Common improvements include investments in automation, advanced analytics, and other systems that improve the effectiveness of security processes. There should also be mechanisms developed that help measure how changes in your security program reduce risks after each initiative is rolled out.

These are some key questions that your long-term cybersecurity strategy should answer:

  • Does the security team have the expertise needed to tackle all technical challenges?
  • Is there a full understanding of vulnerabilities within core, critical business functions?
  • Have we invested enough to ensure that our cybersecurity provides sufficient protection?

Create an in-depth ransomware incident response plan

A ransomware incident response plan provides clear guidance on how to proceed if an attack occurs. This plan should begin by quantifying your ransomware risk, including potential attack vectors and key systems that should be prioritized. Many organizations already run tabletop exercises for business continuity planning (BCP). Adding ransomware plans to your BCP framework is a natural extension of preparing for all potential business disruptions.

Reduce your exposure to ransomware

People are the last line of defense against ransomware. Improve awareness of phishing by training people to recognize attacks and how to avoid them. Strengthen front-line defenses by deploying AI tools that help to flag attacks automatically. Evaluate a zero-trust approach for your security framework and review your use of remote desktop protocol (RDP), secure shell protocol (SSH), and virtual private networks (VPN). Don’t forget to implement multi-factor authentication.

Reduce work-from-home risks

If your remote workforce uses their own personal computers and devices to access your company’s applications and data, securing those endpoints must be a top priority. Devices that haven’t been fully secured provide a location that’s easier to attack. Embrace technologies that help reduce the attack surface of unmanaged devices, such as:

  • Mobile Device Management (MDM)
  • Mobile application management (MAM)
  • Network access control (NAC)
  • Browser isolation solutions

Step up cyber training and exercises

Regularly review, recalibrate, and readjust cyber awareness programs to measure, track, and improve the cyber risk culture of your organisation. This includes timely communication and briefings about new threats, security policies, and systems implemented to reduce risk.

Include security in vendor contracts

Security must be built into vendor contracts to reduce the risks of partnerships that involve shared data and systems. Fleets should be specific about expected security obligations, procedures, and how security regulations will be enforced. Contracts can also extend to any third parties that your vendor works with, even if you don’t have direct interactions with the third party.

Cybersecurity must be a business-wide concern

ISAAC recently completed an 18-month process to become fully certified for ISO 27001 standards—one of the most stringent security standards available for organizations. This shows our commitment to cybersecurity for our clients, partners, and ourselves. We know that keeping ourselves safe improves security for everyone we collaborate with, including fleets.

Learn how the ISAAC solution helps to simplify trucking while maintaining a secure digital ecosystem.

About the author

Joe Russo, Vice President IT & security

Joe Russo, VP IT & Security at ISAAC, is an IT Executive with over 20 years’ experience leading IT teams in multinational environments and various sectors: banking, pharma, transportation and technology services. He has held senior leadership roles in Switzerland at Morgan Stanley and the Bank for International Settlements, and then in Montreal at McKesson Canada, Syntax and CN Rail. His experience in aligning IT strategy with corporate strategy makes him a strong transformational leader who excels at overcoming technical, cross-cultural and organizational challenges to solve business challenges. Joe holds a MSc in Information Technology & Management from Sheffield University, completed the Mini-MBA program at McGill University and holds the CISSP certification.

Time to move forward with managed technology

Recent blog articles

Prevent Wheel-off Problems with Smart Wheel Retorquing

by | Nov 11, 2022 | Best practices | 0 Comments

Wheel-off incidents can be catastrophic. Fleets can prevent these accidents with smart wheel retorquing management.

Canadian ELD Mandate—How Fleets Can Quickly Adapt

by | Nov 10, 2022 | Compliance and regulations,Industry | 0 Comments

Canada’s ELD mandate will be enforced on January 1, 2023. Fleets that haven’t transitioned can quickly adapt for compliance.

How Fleets Cut Turnover During Truck Driver Shortages

by | Oct 26, 2022 | Best practices,Industry | 0 Comments

Fleets mitigate the impact of driver shortages by focusing on driver retention and satisfaction with driver-friendly tech.

Guide to US Agricultural Exemption for Hours of Service (HOS)

by | Oct 11, 2022 | Compliance and regulations | 0 Comments

Fleets that transport agricultural products and livestock can benefit from the US agricultural exemption for HOS

Does Your Fleet Know How to Respond to a Cyberattack?

by | Oct 11, 2022 | Cybersecurity,Industry | 0 Comments

Companies that respond well to cyberattacks reduce losses and ensure business continuity. Learn how fleets can defend themselves against attacks.

Fuel Efficiency Programs Can Improve Driver Retention

by | Sep 29, 2022 | Best practices,Industry | 0 Comments

Driver retention and fuel costs are two main issues that fleets face. Fuel efficiency initiatives can support improvements for both issues at once.

A Summer of Accomplishments for ISAAC

by | Sep 22, 2022 | President’s blog | 0 Comments

As the summer of 2022 comes to a close, I find myself looking back at some of our most recent accomplishments.

Fleets Must Act to Prevent Ransomware Attacks

by | Sep 7, 2022 | Best practices,Industry | 0 Comments

Ransomware is on the rise. Fleets must protect themselves against ransomware with a strong cybersecurity plan.

What Happens at a Roadside Inspection and How to Prepare

by | Sep 7, 2022 | Compliance and regulations,Road safety | 0 Comments

Fleets and drivers undergo multiple types of roadside inspections. Focus on safety, training, and driver support to ensure compliance.

See the ISAAC solution in action

We’ll help you bring out the best in your team.

Why ISAAC Overview →



Fleet Benefits

Solve major trucking challenges

Driver Happiness

Simplify the life of your drivers

ELD Reliability

Benefit from reliable technology

Cost Savings

Save money in various ways

Safety and Compliance

Ensure safe and compliant operations

Carrier Experience

Expect outstanding service as a client

Solution Innovation

Future proof your technology

Client Success

Get inspired by real-life examples

Solution Overview →

Game-Changing Features

Give your fleet an extra edge

Built for Trucking

Equip your fleet with durable tools

Predictive Workflow

Guide drivers with a simple workflow

Smart Compliance

Make compliance simple

Real-time Coaching

Achieve greater fuel efficiency

Remote Tablet Control

Enable effective teamwork

ELD and Fleet Telematics

Discover a built-for-trucking solution

Fleet Management Portal

Centralized portal for your office team

Driver-Friendly App

Versatile and user-friendly tool

Communication Gateway

Keep your team and drivers connected

Connected Cameras

Enhance safety, protect reputations

Open Platform

Get the most of your technology

Latest Innovations

Choose an innovation-driven partner
Resource Hub Overview →


Read about a variety of trucking topics


Get inspired with in-depth reads


Watch our solution in action


Learn from industry experts

Tech Support

Get timely technical support

FAQ About ELDs in Canada

Find detailed compliance information
Company Overview →
Don't Miss


Come meet us across North America


Read trucking and technology news

2022 User Conference

Register for our exclusive client event


Our involvement in the trucking industry

Contact us

Ask us anything, we're happy to help
Careers Overview →
Join Us

Available Positions

Join a team renown for its culture!

Awards and Recognition

Testimony to our winning culture


Check out life at ISAAC

Perks and Benefits

Find a healthy work-life balance