October 9, 2023

Taking stock of what happened at Estes


Jeremy Daily is on the faculty at Colorado State University. But pretty soon, he’s going to be making presentations in Houston at a conference targeting cybersecurity for the LTL industry, about a month after a major LTL carrier got hit with a cyberattack.  

The gathering sponsored by the LTL trade group National Motor Freight Traffic Association (NMFTA) Oct. 22-25 in Houston might be the most appropriately timed conference any group has had the fortune — or misfortune — to schedule. It will kick off just a few weeks after a major debilitating cyberattack on LTL carrier Estes Express, one that is ongoing but has shown some signs of being conquered by the company’s technology staff.

Daily is on the agenda to make two presentations. One is titled “Advanced Degrees for Cybersecurity in LTL”; the other will be “The Ultimate Truck Hacking Platform.”

Daily is an associate professor of systems engineering at Colorado State and an expert in heavy vehicle cybersecurity and forensics, according to NMFTA. 

NMFTA said Daily “continues to serve as a director for the CyberTruck Challenge non-profit organization, and actively recruits students to participate in this unique opportunity.” He also founded Synecron Technlogies, which “developed a data extraction tool for heavy vehicle event data recorder information.” That company was later sold to DG Technologies. 

FreightWaves caught up with Daily to discuss how the Estes hack should be interpreted by the rest of the trucking industry.

FREIGHTWAVES: Do you have any familiarity with what specifically happened at Estes? Or from what you know, does this seem like a fairly standard cyberattack?

Jeremy Daily

DAILY: We cannot know if it’s a “standard” attack — if there is such a thing. There will likely need to be a digital forensic investigation and incident response. Our role at the university is to help educate and train personnel who can do these activities. One thing we know is that such investigations are easier when investigators have worked on these kinds of systems before. That is why I work with the trucking industry to educate and support students and those working in industry to prepare them to be helpful in a complex world where these risks exist and are always evolving.

FREIGHTWAVES: Based on other cyberattacks you have seen, would you have an estimate on the minimum time it would take to recover?

DAILY: I cannot say. It would depend on many factors, like how prepared those responding were for an attack, how the attack occurred and how sophisticated the attack was. I do not have that information, but I can say that we have many students who experiment on heavy vehicle systems. They understand many different scenarios that are hard to compare, but they are always getting better and faster at addressing these kinds of cybersecurity challenges.

FREIGHTWAVES: Are there cyberattacks that are not ransomware attacks? If so, what would be the motivation?

Daily: I cannot speculate on the motivations of this attack, but we know that cybersecurity is an important national defense priority, as the U.S. president and the DOD have stated in the past. Motivations likely range from financial interest to social disruption. That is why we need to take these kinds of events very seriously, to learn from them and to prepare students to help protect our nation’s infrastructure. That is what we do at CSU, because we believe the nation needs to be ready.

FREIGHTWAVES: Based on your description in the agenda for Houston, it sounds like you’ve made LTL companies and their security a specialty. Is there anything unique about LTL companies that make them particularly vulnerable? There are two big cybersecurity incidents in the past that hit LTL carriers, A. Duie Pyle in 2019 and Forward Air in 2020. Any pattern here?

DAILY: No one is 100% safe against cyberattacks. LTLs represent an important sector of the transportation industry and might be seen as a target of interest simply because of their large scope of operation. The trucking industry has been improving their cybersecurity posture with the help of academic research and industry partnerships. We at CSU look at these problems from a systems perspective, meaning we strive to understand all the vulnerabilities at every level. As the world becomes more connected and complex, we need more people to understand these problems with the skills we offer here at CSU.

FREIGHTWAVES: Is the industry headed toward a basic protocol of what to do to protect individual companies? Have we learned a lot since, say, the A. Duie Pyle hack?

DAILY: Protection against cybersecurity attacks is a challenging endeavor. It’s a continual process where defenders need to understand how attackers work and implement mitigations. One of my goals as an educator is to teach ethical hacking to help industry understand better how to secure systems. Our Department of Systems Engineering at Colorado State University has dedicated lines of research that seek to assess and address cybersecurity vulnerabilities. We’re a growing department that regularly publishes in research journals about vehicular cybersecurity, risk management and systems efficiency optimization.

FREIGHTWAVES: Are we missing any other LTL hacks that I’m not aware of?

DAILY: Not that I’m aware of. It is important to show concern and support for Estes and the LTL industries as they demonstrate resilience in the face of this attack.

More articles by John Kingston

Truck transportation employment ranks rebound

XPO’s Jacobs on his next venture: Wait and see

7 years, 6 figures: Driver suit against Knight settled for small sum


The second annual F3: Future of Freight Festival will be held in Chattanooga, “The Scenic City,” this November. F3 combines innovation and entertainment — featuring live demos, industry experts discussing freight market trends for 2024, afternoon networking events, and Grammy Award-winning musicians performing in the evenings amidst the cool Appalachian fall weather.

Source link
In this article:
Share on social media: