Is your truck’s tracking system vulnerable to cybercriminals?

Is your truck’s tracking system vulnerable to cybercriminals?

Tracking systems – like anything else in life – are not immune from cybercriminal attacks. But choosing your device carefully can make a distinct difference.

Do you still have a Nokia 3310 as your telemetry device? Chances are not. With technology changing at such a rapid pace, what used to be cutting-edge three years ago is now already considered old technology. Processing capacity is more than doubling every 18 months. So, if you wouldn’t use an old cellphone, why would you have an outdated telematics tracking device in your vehicle? Tracking devices today have evolved to much more than just location alerts in times of trouble.

Wahl Bartmann, CEO of Fidelity Services Group, says it is encouraging to see just how far telematics communications technology has changed – evolving from a low-density radio frequency in the 1930s to GSM in the late 1990s to IoT networks in the late 2010s, and more recently as an integrated lifestyle service that complements your needs, offering features previously seen in separate applications, services and devices.

Security is a key aspect in today’s modern tracking systems and is one of the key reasons why Fidelity initially partnered with Amber Connect, a world-class technology leader in telematics, to offer the Fidelity SecureDrive vehicle tracking system. Due to its user-centric design, Amber was the perfect partner for Fidelity, and the two companies worked hard to create a modern, state-of-the-art vehicle telematics solution, tailored to the unique South African market.

Three points of attack

When it comes to cyberattacks, there are at least three points of attack. The first is the end-user device; the second is the collection point for the device’s data; and the third is the portal/mobile app that displays the data. South Africans often consider themselves invulnerable to cyberattacks, but because of this mind-set, criminals are increasingly targeting South Africa.

Bartmann says to protect against such attacks the devices and communication networks send secure data to the servers through their own encrypted protocols. “The most likely point of attack is the web portal/mobile application,” he notes.

Attackers leverage common application attack tools and techniques, including social engineering, password brute-forcing and other methods to access information. He explains that SecureDrive’s systems are designed with end-to-end encryptions and are equipped with multiple security layers to prevent just such an attack and to future-proof these devices through continued improvement of the back-end technologies.


Only users can access their data

“At SecureDrive, we have chosen highly secure end-point devices and a secure collection service, and have implemented several safeguards to protect the customer portal and mobile application. The system also has a user management feature that allows only an authenticated user to access their own information,” he says.

The type of information that cybercriminals look for is personal identifiable information supplied by the user – typically, driver and location information. If accessed by cybercriminals, this can provide criminals with a wealth of information, particularly if it is coupled with a positive identity of the persons in the vehicle as well as vehicle location and driver habits. “It can be used not only for blackmail, but also for real-time avoidance of law enforcement and kidnapping,” he says.

Bartmann says it is very important to select a device from a service provider who is not only aware of the security posture of each “link” in the solution chain but has taken proactive steps to ensure that these links are secure from unauthorised use and tampering. In addition, the service provider should have active monitoring in place to identify any attempts at unauthorised access, suspicious behaviour and technical security controls. “It is worth asking to see the cybersecurity solution overview for whichever service provider you choose,” he says.


Other security features to check for:

• Anti-theft technology
For example, SecureDrive has an optional feature called Amber Shield that prevents a vehicle from being started based on parameters set by the user. For instance, the application could be configured either to sound an alarm on start or to automatically prevent the vehicle from being started between certain hours, within certain locations. Additional features include the ability to configure alarms if the vehicle’s door is opened.

• Driver behaviour analytics
This alerts the driver when he or she is exceeding the speed limit, turning too dangerously, driving aggressively or braking too harshly, as well as creating geofenced areas that warn users when they enter these areas. These features assist in creating driver awareness; they also help in situations where children borrow their parents’ vehicles or as a safety measure to warn drivers if they enter an unsafe area.

• Driver alerts
These help when, for example, doors are opened or closed when the vehicle is parked. This helps to protect against remote jamming and theft from vehicle incidents.

Published by

Focus on Transport

FOCUS on Transport and Logistics is the oldest and most respected transport and logistics publication in southern Africa.
Prev Ctrack offers a variety of solutions for driver management
Next Saving fuel: Scania has a double-handed approach

Leave a comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.