Security Experts:

Overcoming Security Challenges in the Transport and Logistics Sector

From the intelligent traffic lights and speed controls that are emerging in our smart cities, through the robots and sensors that make modern “just in time” distribution possible, technology is becoming increasingly integral to our effectively functioning transport and logistics networks. 

It’s imperative that transport networks digitalise further, using cutting edge tools and analytics to become more efficient. The same technologies that can keep people and goods moving as population densities increase also carry risks which must be recognised and controlled. It’s important that cybersecurity considerations are brought to the fore, anticipated and mitigated against. 

It’s not easy – like many industries, the modernisation of the transport sector is ad hoc, unplanned and builds on mature technologies and processes which have never had to take cybersecurity into account. Hence why cybersecurity awareness in the sector is often low, and now is the time for professionals to act and develop best practices for new solutions large and small.

With enhanced connectivity come a greater level of risk

There are plenty of examples of the impact technology is having on transport and logistics: haulage fleets are able to increase fuel efficiencies using real-time telematics and GPS data; ports are digitising their processes to streamline the flow of goods; shipping companies are being pushed to adopt Internet of Things (IoT) technologies in order to provide more visibility into their cargoes by the likes of Alibaba and Amazon, firms which thrive on the collection of big data. Several governments are now testing the potential for using trackside infrastructure to provide 5G access to the internet for rail passengers and on-board systems while travelling.

All of these connected technologies promise great benefits, but they also bring challenges around cybersecurity. Systems which were previously isolated from network attacks are being exposed to internet-related threats, and potential attackers are relentless in their determination to find weaknesses to exploit across any attack surface they can find.

In 2017, Germany’s Deutsche Bahn rail operator was forced to close stations when it was hit by the WannaCry ransomware. In 2013, the Port of Antwerp discovered that cocaine traffickers had infiltrated cargo-tracking systems in order to smuggle their wares through without detection. In 2017, 20 ships in the Black Sea lost their ability to navigate safely thanks to spoofed broadcasts which mimicked GPS signals.

Each of these attacks is different and exploits a separate type of technology vulnerability. Security needs to be a clear consideration when implementing any digitalisation strategy or device into a transport network.

Moving forward with security in mind

The fundamental change that needs to happen is that in all levels of the transport sector, from track engineer to senior management, there needs to be a great deal more work put into awareness campaigns and education to help people understand the cybersecurity threat. People, processes and technology all need to be considered when addressing effective security measures. To address this, training programmes need to be developed which aren’t part of a one-off induction process: regular monitoring and performance should be built into staff KPIs. 

It is essential that “security by design” principles should also be more widely adopted. When implementing new solutions, risk assessment and mitigation strategies need to be implemented at every stage of the design pipeline. This means taking into account how new systems integrate with legacy ones too. History does not bode well: it only became standard practice to prevent in-vehicle telematics interfacing with control systems after researchers discovered vulnerabilities in the wild.

The industry has to get better at anticipating and planning around these kinds of risks and understand that potential weaknesses can be introduced anywhere within the supply chain for a new solution. To help counter these issues, more firms should engage specialists to perform vendor-independent audits during the design process to identify and address gaps in their cyber security. Security by design also means actively testing solutions and networks once they have been deployed, with regular security audits and penetration testing. Plans for long term support of systems need to be put in place before, although the transport and logistics sector faces some unique challenges. 

The good news is that the importance of the transport and logistics sector means there are advantages when it comes to codifying best practices. Asset owners are in close contact with intelligence and security services, and already share channels that are ideally placed for close collaboration around cybersecurity. The same protocols which disseminate information about threats involving international terrorists, for example, could be leveraged to help promote awareness and warnings of digital security hazards too. It’s in the industry’s best interests to lobby to improve these channels as soon as possible and develop international bodies which can help guide their work.

Greater collaboration between governments, operators and security professionals is key to tackling many of the challenges the global transport industry faces. What we can be sure of is that the number of attacks in the sector will increase as more systems come online and bad actors improve their toolkits. There will, inevitably, be more vulnerabilities discovered in common systems resulting in greater automation of attacks launched from online platforms.

By bringing cybersecurity issues to the fore, facilitating better discussions around it and implementing training programs that bring increased levels of cyber security awareness to key staff and operators, we can collaboratively help to mitigate the risk of security incidents, allowing transport and logistics operators to continue adopting new digital tools to improve their efficiency in the field securely.

Learn More at SecurityWeek's ICS Cyber Security Conference

view counter
Jalal Bouhdada is Founder and Principal ICS Security Consultant for Applied Risk. He has over 15 years’ experience in Industrial Control Systems (ICS) security assessment, design and deployment with a focus on Process Control Domain and Industrial IT Security. Jalal has led several engagements for major clients, including many of the top utilities in the world and some of the largest global companies in industry verticals including power generators, electricity transmission providers, water utilities, petro chemical plants and oil refineries He holds a B.S degree in Security Assurance from Amsterdam University of Applied Sciences and is an active member of the Industrial Internet Consortium (IIC), ISA99, NEN, CIGRE and other professional societies.