Truck-to-truck worm could infect, and disrupt, entire US commercial fleet

Discussion in 'Ask An Owner Operator' started by Tarh331_Dad, Mar 21, 2024.

  1. Tarh331_Dad

    Tarh331_Dad Light Load Member

    Truck-to-truck worm could infect – and disrupt – entire US commercial fleet
    https://www.theregister.com/2024/03/22/boffins_tucktotruck_worm/

    Vulnerabilities in common Electronic Logging Devices (ELDs) required in US commercial trucks could be present in over 14 million medium- and heavy-duty rigs, according to boffins at Colorado State University.

    In a paper presented at the 2024 Network and Distributed System Security Symposium, associate professor Jeremy Daily and systems engineering graduate students Jake Jepson and Rik Chatterjee demonstrated how ELDs can be accessed over Bluetooth or Wi-Fi connections to take control of a truck, manipulate data, and spread malware between vehicles.

    "These findings highlight an urgent need to improve the security posture in ELD systems," the trio wrote...
     
  3. Tug Toy

    Tug Toy Road Train Member

    I guess that’s why we’re all required to continue to carry paper logs as backups? Won't have any effect on my company other than buying a new tablet if I get locked out. Not going to stop me from producing?
     
  4. Ridgeline

    Ridgeline Road Train Member

    https://www.ndss-symposium.org/wp-content/uploads/vehiclesec2024-47-paper.pdf
     
    Rideandrepair Thanks this.
  5. Arctic_fox

    Arctic_fox Experienced mx13 execrator

    *shrug* Only fleets that will be down are the ones that lose their ELDs and never bothered to train with paper. Most would run paper for a few days/weeks until the system unbuggers itself, or maybe with winning jackpot AND the lottery 20 times in a row level luck they won't make us go back to ELD for months/years.

    It would be a royal pain in the ### with all these non-English and untrained (both American and non) fools who couldn't tell the difference between a pin and a nose excavation device trying to run paper, however.

    Though it will be funny to watch the mad rush to pick up paper at the truck stop. Makes me glad I carry enough paper for 90 days. Mostly because it's leftover from my last non-ELD truck and just lives in my binder now.
     
  6. RockinChair

    RockinChair Road Train Member

    The problem is that ELDs are connected to the ECM. If they could use the ELD to get to the ECM, there's no telling what kind of trouble they could stir up.
     
  7. unloader

    unloader Road Train Member

    Don't mind me with my digital paper. What ELD problem? ;)
    [Attached image: eld problems.jpg]
     
    Rideandrepair Thanks this.
  8. Arctic_fox

    Arctic_fox Experienced mx13 execrator

    Yes and no. On the one hand you're not wrong, a direct link to the ECM opens the door to a lot of tomfoolery. On the other hand, however, most ECMs nowadays, mostly just due to emissions issues, are pretty locked down. Additionally, every single one of them has an entirely different interface, programming language, and many are hard locked without dealer codes, see Davie 4 for example.

    And even within the same brand, different types of engine are going to have pretty different programming. A MX11 for example is going to be a whole different beast, set of data and such than a MX13, or a 3406E on 40 pin is going to be radically different than a 70 pin ACERT. And this is without taking into consideration different hardware and software changes within even the same year and style of engine, or modded/tuned ECMs running custom software versions. Further complicated by trucks such as mine that, when they shut down, cut power to the transmitters to avoid a battery drain.

    This means any virus would need to not only find an exploit to get into the ECM of all these different engines, it would need to be compatible with each and every single one, be able to sidestep any and all code and hardware locks on them. Be able to dynamically target every "moving part" of that program they want to affect, account for the literally hundreds or thousands of different revisions and such running around in the wild. Be able to transmit over often heavily limited ECM bandwidth, hope the cable itself has the correct pins to connect TO the ECM, and be compact enough that it could upload in the often limited time the trucks will interact.

    Possible in theory, but in practice less so. As it is the worms are already only able to be in theory as effective due to built-in weaknesses of the ELDs themselves. And now that it's in the open it's possible. These groups that would do anything have a very limited time to develop and release a worm.

    Think of it like trying to design a program that works on every single version of iOS, Android, Windows, Linux, DOS and all the smaller less relevant OSes all at the exact same time. It ain't happening. Most likely if they do target the ECMs they will go after at most a single rig type. And even there a truck with EPA 13 standards is going to be pretty different to one with EPA 17, much less one with EPA 21 or 24 standards.
     
  9. RockinChair

    RockinChair Road Train Member

    I'm not very knowledgeable at all about ECMs, wiring, pins, firmware/software, etc. (my personal vehicle is a mechanical diesel specifically because I prefer to avoid electronics). But with that said, it seems to me like they could save themselves a lot of trouble if they went after things that are subject to universal standards, like CANBUS or J1939.
     
  10. Ridgeline

    Ridgeline Road Train Member

    All the program has to do is either mimic CAN bus commands (it does not need to have passwords or anything like that) to cause serious problems like an engine shutdown or light problems, OR it can flood the bus with garbage, preventing module-to-module communications.
     
    Rideandrepair and Last Call Thank this.
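
Added example, not part of any post in this thread: a defender-side monitor for the two behaviours described above, a control message arriving from a source address that should not send it, and a burst of traffic that crowds out normal frames. The identifier layout and the TSC1/EEC1/CCVS PGNs are standard J1939; the allow-list, the threshold, the address 0xFB and the sample capture are constructed assumptions.

```python
from collections import Counter

# Assumed allow-list for one hypothetical truck: PGN -> source addresses allowed to send it.
ALLOWED_SENDERS = {
    0x0000: {0x03},   # TSC1 (torque/speed control) only from the transmission
    0xF004: {0x00},   # EEC1 (engine speed) only from the engine
    0xFEF1: {0x00},   # CCVS (vehicle speed) only from the engine
}
FLOOD_THRESHOLD = 1000  # assumed alert level, frames per one-second window

def decode_j1939(can_id):
    """Split a 29-bit J1939 identifier into (priority, pgn, destination, source)."""
    priority = (can_id >> 26) & 0x7
    dp = (can_id >> 24) & 0x1
    pf = (can_id >> 16) & 0xFF
    ps = (can_id >> 8) & 0xFF
    sa = can_id & 0xFF
    if pf < 240:  # PDU1: PS is a destination address, not part of the PGN
        return priority, (dp << 16) | (pf << 8), ps, sa
    return priority, (dp << 16) | (pf << 8) | ps, 0xFF, sa  # PDU2: broadcast

def analyse(frames):
    """frames: iterable of (timestamp_seconds, can_id). Returns a list of alert tuples."""
    alerts, seen, per_second = [], set(), Counter()
    for ts, can_id in frames:
        _, pgn, _, sa = decode_j1939(can_id)
        per_second[int(ts)] += 1
        allowed = ALLOWED_SENDERS.get(pgn)
        if allowed is not None and sa not in allowed and (pgn, sa) not in seen:
            seen.add((pgn, sa))
            alerts.append(("unexpected_sender", pgn, sa))
    for second, count in sorted(per_second.items()):
        if count > FLOOD_THRESHOLD:
            alerts.append(("flood", second, count))
    return alerts

# Constructed capture: normal traffic, one control frame from an unlisted address
# (0xFB), then a one-second burst of 1500 frames from that same address.
SAMPLE = [(0.00, 0x0CF00400), (0.01, 0x0C000003), (0.02, 0x18FEF100),
          (1.00, 0x0C0000FB)] + [(2 + i / 2000, 0x18FFFFFB) for i in range(1500)]

if __name__ == "__main__":
    for alert in analyse(SAMPLE):
        print(alert)
```

Because J1939 frames carry no sender authentication, the source-address check only catches a sender that uses an address outside the allow-list; the rate check is independent of it.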
  11. Arctic_fox

    Arctic_fox Experienced mx13 execrator

    True, but that would need it to know what bus to send on and what commands. Bus 1 for truck 1 is likely going to control something different and with a different instruction set than on truck two, and ELDs do have a certain amount of trash protection built in. I'll be honest, I'm hitting the upper limit of my own knowledge much beyond this. Cyber security was only a brief class with my business degree. That said, if it's just the ELD flooding the ECM with trash, for example, a truck power on and off cycle should fix it. Unless it writes to the ECM directly, I suppose.

    I was more referring to stuff like changes and say forcing the engine to race.
     
    Rideandrepair Thanks this.