Watch Now


‘Truck-to-truck worms’ introduced via ELDs could threaten major fleet disruption

Colorado State researchers call ELDs ‘potential cybersecurity threat vectors’

Colorado State University researchers have found that ELDs are “potential cybersecurity threat vectors” and there is an urgent need to make them more secure. Photo: Jim Allen/FreightWaves

Colorado State University researchers have found that ELDs are “potential cybersecurity threat vectors” and there is an urgent need to make them more secure.

Researchers Jake Jepson, Rik Chatterjee and Jeremy Daily uncovered ELD vulnerabilities that could lead to unauthorized control of vehicle systems and data, as well as widespread fleet disruptions. Product designers, programmers, engineers and consumers should raise awareness of these vulnerabilities and encourage development of safer ELDs, their February paper says.

The United States has 14 million medium- and heavy-duty trucks on the road, many of which are required to use ELDs to track truckers’ driving time and ensure compliance with hours-of-service regulations. The devices acquire data by communicating with the vehicle’s engine control module through the vehicle network.

This technology is vulnerable to “truck-to-truck worms,” self-replicating malware that autonomously propagates across a network. Traditionally, these “worms” have targeted computer network systems, but in an age of increased connectivity of systems, technology like ELDs carries a risk of being hacked, the researchers discovered.


“Each system by itself may not have cybersecurity concerns; the truck without an ELD does not have a wireless connection, and the ELD by itself cannot command a truck. The heavy truck acts as a dynamic operational platform, encompassing various mechanical and electronic components, while the ELD serves as a mandated interface for data logging, regulatory compliance, and potentially, vehicle control,” the paper said.

An attacker could connect to a device — and only one device needs to be compromised to begin a larger attack — through a drive-by attack or by waiting at a location frequented by truck drivers, such as truck stops, distribution centers or ports. Then, the malicious firmware can spread to similar devices. Attacks can occur via Wi-Fi or Bluetooth or even through cellular networks, the paper said.

“Our findings revealed that, even in a full parking lot, a connection could be established up to approximately 12 parking spots away, equivalent to about 120 feet,” researchers said.

The researchers recommend the following to strengthen ELDs against attacks:


  • Enhancing default security settings.
  • Implementing high-entropy passwords.
  • Utilizing a secure firmware signing mechanism.
  • Eliminating unnecessary API features.

Brinley Hineman

Brinley Hineman covers general assignment news. She previously worked for the USA TODAY Network, Newsday and The Messenger. She is a graduate of Middle Tennessee State University and is from West Virginia. She lives in Brooklyn with her poodle Franklin.