The Federal Bureau of Investigation has released a warning that Electronic Logging Devices can make companies vulnerable to hacking by cyber criminals. The potential damage that could be caused is enormous. And ELDs which are vulnerable include those provided by large, well-known companies.
As the FBI points out, there were no security checks or even quality assurance requirements put in place for ELD suppliers as part of the regulation that mandated them in CMVs. Because of that, the FBI says that most ELDs, including those produced by “well-known companies” did “little to nothing follow cybersecurity best practices” and are considered “vulnerable to compromise.”
ELDs are a vulnerable point through which hackers can access vehicle data remotely. Sensitive data like position, VINs, user IDs, and carrier information like load contents can be pulled in real time from them. Depending on the ELD integration in a company’s network, ELDs could give hackers access to all of the company’s data – potentially including personal information, business and financial records, and more.
Even more concerning though, ELDs provide a point through which hackers could directly “affect functions such as vehicle controls.”
The FBI notice recommends that drivers and companies ask their ELD makers and suppliers a series of questions to make sure that they are taking proper cyber-security measures. The notice does not provide the names of ELD providers which meet the suggested criteria.
To see the criteria questions and to get more information, you can read the FBI notification here.