Fleets Must Act to Prevent Ransomware Attacks

Sep 7, 2022

Cybersecurity Priorities in the Pandemic Age

Ransomware and other cybersecurity threats show no sign of slowing down. In 2021, there was an 82% rise in ransomware-related data leaks, according to a CrowdStrike intelligence report.

Trucking companies already face plenty of challenges, such as driver retention and fuel costs. A ransomware attack that locks crucial systems behind encryption is a challenge that’s best avoided. Prevention is always the best cure for cyberattacks.

Part of the rise in ransomware can be attributed to disruptions created by the pandemic. Working from home and hybrid work models have become the de facto approach. IT teams quickly rose to the challenge of enabling remote work, and they must continue to adapt to secure systems.

The FBI reported a total of $6.9 billion in losses due to cybercrime in 2021—a 7% rise year-over-year. Fleets must understand the growing threat of cyberattacks and act now to prevent ransomware and other types of intrusions.

Webinar: Ramping up Your Cybersecurity Efforts

Ransomware declared a national security issue

In 2021, ransomware attacks that exploited flaws in widely used software from vendors such as Kaseya, SolarWinds, and Microsoft affected many companies and saw record-breaking ransomware payments made to state-sponsored cybercriminal groups. This includes a $70 million ransom demand from the “REvil” gang that created a Ransomware-as-a-Service (RaaS) ring.

Attacks on U.S. infrastructure and government agencies prompted the White House to treat ransomware as a matter of national security. The U.S. government decided to establish new mechanisms to address the threat. Plans include new funding to support ransomware response, a mandate for organizations to report incidents, and to consider the alternatives before paying a ransom.

A recent survey by UpCity revealed that 50% of small and midsize businesses have a cybersecurity plan. Fleets without an updated plan must act now to improve short-term and long-term cybersecurity.

How can trucking companies protect against ransomware?

A strong defense against cyberattacks requires a fleet-wide commitment to digital security. Some measures can be adopted quickly, while others require long-term planning and a greater investment in cybersecurity resources.

Deploy quick stopgap measures right now

Start with stopgap measures and quick wins that can be implemented immediately to improve security. Examples of easy-to-deploy security measures include:

  • Revise existing cyber risk guidelines and requirements.
  • Set up two-factor authentication and strong password policies.
  • Establish a security culture with regular training.
  • Control how employees access data and use the company network.
  • Govern how employees communicate over the company network.

Develop a comprehensive long-term cyber strategy

Start to review your current technology stack and security infrastructure as soon as possible. Some changes may take years to implement, while other improvements will be accomplished in a shorter timeframe.

Common improvements include investments in automation, advanced analytics, and other systems that improve the effectiveness of security processes. There should also be mechanisms developed that help measure how changes in your security program reduce risks after each initiative is rolled out.

These are some key questions that your long-term cybersecurity strategy should answer:

  • Does the security team have the expertise needed to tackle all technical challenges?
  • Is there a full understanding of vulnerabilities within core, critical business functions?
  • Have we invested enough to ensure that our cybersecurity provides sufficient protection?

Create an in-depth ransomware incident response plan

A ransomware incident response plan provides clear guidance on how to proceed if an attack occurs. This plan should begin by quantifying your ransomware risk, including potential attack vectors and key systems that should be prioritized. Many organizations already run tabletop exercises for business continuity planning (BCP). Adding ransomware plans to your BCP framework is a natural extension of preparing for all potential business disruptions.

Reduce your exposure to ransomware

People are the last line of defense against ransomware. Improve awareness of phishing by training people to recognize attacks and how to avoid them. Strengthen front-line defenses by deploying AI tools that help to flag attacks automatically. Evaluate a zero-trust approach for your security framework and review your use of remote desktop protocol (RDP), secure shell protocol (SSH), and virtual private networks (VPN). Don’t forget to implement multi-factor authentication.

Reduce work-from-home risks

If your remote workforce uses their own personal computers and devices to access your company’s applications and data, securing those endpoints must be a top priority. Devices that haven’t been fully secured provide a location that’s easier to attack. Embrace technologies that help reduce the attack surface of unmanaged devices, such as:

  • Mobile Device Management (MDM)
  • Mobile application management (MAM)
  • Network access control (NAC)
  • Browser isolation solutions

Step up cyber training and exercises

Regularly review, recalibrate, and readjust cyber awareness programs to measure, track, and improve the cyber risk culture of your organisation. This includes timely communication and briefings about new threats, security policies, and systems implemented to reduce risk.

Include security in vendor contracts

Security must be built into vendor contracts to reduce the risks of partnerships that involve shared data and systems. Fleets should be specific about expected security obligations, procedures, and how security regulations will be enforced. Contracts can also extend to any third parties that your vendor works with, even if you don’t have direct interactions with the third party.

Cybersecurity must be a business-wide concern

ISAAC recently completed an 18-month process to become fully certified for ISO 27001 standards—one of the most stringent security standards available for organizations. This shows our commitment to cybersecurity for our clients, partners, and ourselves. We know that keeping ourselves safe improves security for everyone we collaborate with, including fleets.

Learn how the ISAAC solution helps to simplify trucking while maintaining a secure digital ecosystem.

About the author

Joe Russo, Vice President IT & Security

Joe Russo, VP IT & Security at ISAAC, is an IT Executive with over 20 years’ experience leading IT teams in multinational environments and various sectors: banking, pharma, transportation and technology services. He has held senior leadership roles in Switzerland at Morgan Stanley and the Bank for International Settlements, and then in Montreal at McKesson Canada, Syntax and CN Rail. His experience in aligning IT strategy with corporate strategy makes him a strong transformational leader who excels at overcoming technical, cross-cultural and organizational challenges to solve business challenges. Joe holds a MSc in Information Technology & Management from Sheffield University, completed the Mini-MBA program at McGill University and holds CISSP, CRISC and CIPM certifications.

Time to move forward with managed technology

Recent blog articles

How Trimble’s CoPilot Navigation and ISAAC’s ELD Support Fleet Safety

by | Aug 29, 2024 | Best practices | 0 Comments

Driver safety is key to fleet operation and Trimble’s CoPilot navigation and ISAAC’s ELD solution work together to provide the safest driver experience.

DataDis and ISAAC: A Strong Partnership for Simplified Fleet Maintenance

by | Aug 21, 2024 | Best practices | 0 Comments

Discover how the DataDis and ISAAC integration simplifies fleet maintenance and helps ensure compliance with real-time information update.

Let Anytrek and ISAAC Help You Follow Your Cargo

by | Jul 22, 2024 | Best practices | 0 Comments

Discover how Anytrek's innovative GPS tracking and asset utilization reports enhance fleet management efficiency, security, and compliance.
Truck driver wearing a safety vest using a tablet roadside with a white semi-truck in the background.

5 Keys to Avoid Problems With Fleet Tablets

by | Jun 25, 2024 | Cost savings | 0 Comments

Learning from the experience of peers Our peer discussion, “Lessons Learned from Consumer-Grade Tablets,” was ISAAC’s first webinar of the year. It brought together...

Bypass 900+ weigh stations in North America for maximum efficiency and safety

by | Jun 17, 2024 | Best practices | 0 Comments

Drivewyze Preclear integrated into ISAAC ELDs Drivewyze and ISAAC are on a mission to improve transportation safety and efficiency, through their integrated suite of...

White tanker truck on highway with digital cybersecurity lock icon overlay.

Why Cybersecurity for Your Trucking Fleet Should Be Top Priority

by | Jun 6, 2024 | Cybersecurity | 0 Comments

Trucking companies face more cyberthreats than ever before. Technology is essential for planning routes, maintaining vehicles, and communication, but it also makes...

Truck driver wearing a high-visibility vest smiling while driving, showcasing the use of ISAAC Coach technology.

Understanding the ISAAC Coach: A Sustainable Trucking Solution

by | May 31, 2024 | Best practices | 0 Comments

The ISAAC Coach enhances truck safety, reduces costs, and supports eco-friendly practices. Read how real-time driver coaching can help you.
White tank truck equipped with ISAAC Instruments telematics solutions driving on a highway, symbolizing advanced fleet management for safety and efficiency.

Why Telematics for Tank Trucks Are a Must

by | Apr 24, 2024 | Safety | 0 Comments

Discover how Telematics for Tank Trucks elevates efficiency, safety, and ROI. Transform your fleet operations today!
A truck driver examines a handheld ISAAC Instruments device, ready to employ advanced fleet management technology on the road.

The Future of Fleet Management Solutions

by | Apr 17, 2024 | Innovation | 0 Comments

Explore how ISAAC Instruments leads in fleet management solutions, enhancing safety, efficiency, and fuel savings for future-ready operations.