Cybersecurity is a growing concern across industries. In the transportation and logistics space, cyberattacks can wreak havoc on day-to-day operations, leading to an avalanche of disruptions and delays.
The Washington State Department of Transportation experienced this firsthand earlier this month. The agency’s website — which allows users to track ferries and check the changing status of mountain passes — was down for days after it was targeted in a cyberattack, causing rampant confusion for visitors, commuters and transportation professionals alike.
In light of the growing prevalence of cybersecurity breaches, the Biden administration issued a mandate requiring all federal agencies to conduct multifactor authentication (MFA) as part of the government’s zero trust security strategy.
In order to comply with this mandate and make its portal more secure, FMCSA has rolled out security updates that will impact motor carriers. All FMCSA portal users will need to update their log-in information this month. The process involves creating a login.gov account and then setting up an additional layer of security for that account.
FMCSA has posted a step-by-step how-to guide in order to help companies through the process of making these changes. Motor carriers will need to complete this process by Dec. 1 in order to avoid account disruptions. After this date, users will only be able to access their FMCSA portals via a login.gov account.
These updated security measures could also affect how some motor carriers access their Drug and Alcohol Clearinghouse accounts.
“If the trucking company accesses their Drug and Alcohol Clearinghouse account through the [Safety Measure System] portal, the login will be the same. If they access it as a stand-alone, they will have two separate logins,” Reliance Partners VP of Safety Brian Runnels said.
Motor carriers may be frustrated by the process of changing their log-in procedures, but the shift offers both individual users and FMCSA as a whole a significant security boost — preventing breaches and leading to reduced frustration down the road.
“Malicious cyber actors are increasingly capable of phishing or harvesting passwords to gain unauthorized access. They take advantage of passwords you reused on other systems,” according to the U.S. Cybersecurity and Infrastructure Security Agency. “MFA adds a strong protection against account takeover by greatly increasing the level of difficulty for bad actors.”
This security shift is not unique to FMCSA. Since all federal agencies are affected by the recent cybersecurity mandate, any government agency that has not already implemented changes will be required to roll out heightened security protocols and MFA in the near future.
Making it harder for hackers to access accounts is a good way to fend off cyberattacks, but motor carriers should also consider adding an additional layer of protection through cyber liability insurance.
“A traditional business liability policy is extremely unlikely to protect against most cyber exposures,” according to Reliance Partners. “Standard commercial policies are written to insure against injury or physical loss and will do little, if anything, to shield you from electronic damages and the associated costs they may incur.”
Motor carriers are vulnerable to multiple types of cyberattacks, from data breaches to extortion. Cyber liability insurance policies are specifically designed to protect companies against these modern-day threats, whether they result from a direct attack or damage to a third-party system.
As the world becomes more dependent on technology, security protocols designed to protect that technology will continue to evolve and tighten. Players across all industries — as well as everyday citizens — should expect these types of updates to continue well into the future.