Wireless hacking threat lurks around trucks
Criminals could take control of your tractor-trailer by exploiting just one vulnerability — whether they are looking to immobilize a vehicle to steal freight or block vital supply chain routes.
And one truck that was wirelessly hacked on Oct. 24 showed that such threats are not limited to the movies.
A hacker attacked a tanker trailer’s roll stability system by constantly sending commands and resetting the electric control unit (ECU), forcing air to vent out of the air brake system. If enough air was forced out of the system, the vehicle wouldn’t be able to move.
Fortunately, it was a good guy doing the hacking during a demonstration at the National Motor Freight Traffic Association’s (NMFTA) Digital Solutions Conference in Houston, Texas.
Ben Gardiner, NMFTA’s senior cybersecurity research engineer, used technology worth US$300 and leveraged ham radio knowledge for the hack. “The risk of software exploitation on these trailers and tractor brake controller units is something we just can’t push to the side,” he told TruckNews.com.
“If software is 100% perfect, then there is no risk to receive messages. The risk of malicious data of reaching a piece of software that wasn’t prepared for it is big in 2023. The purpose of this demonstration is to show you we can talk to these things,” the Arnprior, Ont.-based engineer said.
He added that in dry vans, especially equipment dating back to around 2001, trailers responded to almost any command. Their systems have no authentication, authorization or replay protection.
Such dry vans have larger and older valves, and the commands could also bleed the air faster than the compressor can generate it.
Road trains are particularly susceptible to such attacks because tractors have to work hard to maintain air supply through the braking system, he said.
How the hack was accomplished
Gardiner laid an antenna beside the tanker trailer, emitting signals identical to those on the power line communications network — a link over the vehicle’s power supply line. The tanker’s skin actually helped conduct the signal. And this could be done from 20 feet away, using a fixed location or driving a specially wired trailer past the target vehicle.
He then sent commands for an ECU reset and the system obeyed, blinking the anti-lock braking system (ABS) light on the trailer, clicking the solenoids as it reset.
While it didn’t bleed enough air to cause a problem, the blinking ABS light could lead a driver to pull over and inspect the trailer brakes.
Internet attacks can be traced through IP addresses, logs and servers, but Gardiner warned that radio attacks are almost impossible to track down. The radio attacks involve no login or location information, and since extremely low frequency radio waves are used, it would be hard to triangulate the threat’s source.
“Since messages can be sent, there is a possibility that you could put a worm, code control, or malware into a system,” he said. “Every piece of equipment that is on the blue auxiliary line on the trailer is receiving those messages.”
Mitigating the threat
The threat is real, but Gardiner also has ways to block these attacks. When NMFTA discovered this vulnerability and disclosed it to the Cybersecurity and Infrastructure Security Agency, it developed eight mitigation technologies to stop the threat.
Gardiner stopped his own attack by demonstrating keyhole mitigation — a signal that jammed powerline commands. “We cut little pieces out of the jamming signal that only the regulation-required messages will fill in,” he said.
The ABS lamp lights up on the dash and trailer in case of a fault or attack. “We deny access to the powerline with [a] jamming signal, cut out holes so that the checks on them match,” he said. “If there is a lamp fault, that will show in the dash. But every other message gets denied.”
He added that all the information to mitigate this particular threat is in the public domain, so there are no licencing fees, and it should not be too expensive for OEMs to implement.
But Gardiner warned that carriers must be vigilant about threats. Newer trucks have more software that can be exploited. Even older equipment has been connected to the internet and may incorporate less security.
Have your say
This is a moderated forum. Comments will no longer be published unless they are accompanied by a first and last name and a verifiable email address. (Today's Trucking will not publish or share the email address.) Profane language and content deemed to be libelous, racist, or threatening in nature will not be published under any circumstances.
I’m glad I’m retired. My last truck already had more software than I was comfortable with and things have gone a lot further since. The day of the owner operator is gone.
-
Yes agree at this time and came out of retirement to come back on the road seeing a drastic change on Highway it is at time scary any how this new technology will either be good or becoming a waste of money and efforts to stay in the game.
Add to that transport refrigeration units and the ability to turn them off remotely.
attack a whole fleet and turn up the heat – you will have problems.
-
I know it is possible to redirect self driving delivery vans by a remote server. It has already happened and cargo stolen but is being not talked about in the press as they do not scare people in Waterloo Ontario Canada
Being retired is a good thing congratulations. My concern is the open borders and terrorist. If someone takes over a vehicle they can use it as a weapon. People don’t understand the danger we are in. When 911 hit NYC we had to live through that, find our way out of the city because everything was at a stand still. I wouldn’t wish that day on nobody. Just remember the US allowed that and helped them kill all those people. They taught them how to take off, land and fly those planes that crippled the US for a long time. Don’t you think we are being set up again?
Wow, what a eye opening article! Thank you for your excellent in depth analysis Leo.
One amazing gadget that we use is the GPS I got the best in GPS with Garmin DEZL it is fantastic the information we get but on another way of looking at it this GPS has a tendency to direct you towards paying toll highways, changing your routing saying highway close like
on Highway I 70 is just an example and it changes your route without asking if you want to go that way.
So in that optics, it is easy to figure out that there was some jamming being done it happened more than once over good thing having the cell phone nearby and go on Google Maps and info.
Nothing is perfect and what is built y humans could be altered by humans as well. So for the high-tech technicians, it is easy to take over your unit if so desire.