Buyer Beware

Scopelitis

There has been recent news about increased enforcement related to ELDs, highlighting fraudulent activities that are being uncovered in the field by enforcement. Additionally, an increasing number of false logs are being cited roadside, and for the first time since STC can remember, driver Out-Of-Service (OOS) rates are eclipsing the seven percent mark thus far in 2025. What is leading to this increase in violations and fraud, and what is being done about it?

At a recent CVSA Workshop, its Driver Committee had a spirited discussion on the topic of ELD fraud and tampering. As a part of the discussion, Oregon enforcement personnel made a presentation of some of the fraudulent ELD activities they have uncovered in their investigative work. The committee discussion that ensued noted that in some cases, drivers, carriers, and third-party service providers are fabricating Hours of Service (HOS) records to show an ELD file with no HOS violations, and in many cases, even falsifying electronic supporting documents to match the ELD file. In some cases, entire days are being manipulated, making it impossible for inspectors to determine when actual driving or rest periods occurred.

These discussions have resulted in CVSA taking two actions:

1. Developing an inspection bulletin for roadside inspectors that explains the difference between a typical false entry in a record of duty status, such as a driver claiming off-duty time while fueling their vehicle, and an ELD file that has been manipulated; and
2. Adding a section to the North American Out of Service Criteria related to ELD tampering that will go into effect in April 2026.

In addition, the NTSB recently brought this issue to light with the release of a report from a 2022 fatal crash in Williamsburg, Virginia. ​The NTSB determined that the truck driver’s crash was due to fatigue from excess driving time and lack of sleep opportunity. They found the motor carrier had created fictitious driver accounts (often referred to as ghost drivers) for its’ ELDs that allowed drivers to exceed federal hours-of-service regulations. STC covered the details in this case in a recent TrueNorth Truck Thought podcast with Shawn Currie from the NTSB.

For its part, FMCSA has ramped up its efforts to combat and support ELD enforcement. They continue to revoke ELD providers’ certifications and have several ongoing investigations into ELD providers that are not complying with the rules. The FMCSA ELD registry currently has 1,025 devices registered.

The hours-of-service regulations are central to safety and are directly related to a motor carrier’s bottom line. They are under constant scrutiny as a result. So, when the economic environment is difficult for trucking, as it has been for the last two years or so, it stands to reason that some motor carriers may elect to circumvent HOS rules to enable them to move more freight. Additionally, when freight rates skyrocketed during the COVID-19 freight rebound, there was a surge in new motor carriers entering the business, attracted by the higher rates, with most being small or one-truck operators. However, since that surge, rates have fallen significantly, making things more difficult for many motor carriers. Unfortunately, as rates fall, the pressure to find creative ways to run more miles or deliver more freight increases.

These circumstances, along with enforcement becoming smarter and more resourceful at detection, are leading to an uptick in HOS violations, falsification, and fraud. This increase in enforcement activity is leading to more FMCSA certification revocations of non-compliant ELDs. In fact, to date, FMCSA has revoked the certifications of 59 ELDs. As many of our friends are aware, STC dedicates a significant amount of time to collaborating with motor carriers and ELD providers on Hours of Service and ELD regulatory compliance. We have direct knowledge and experience with what is happening both with industry and enforcement. This uptick in fraudulent activity and this experience tell us to remind ELD customers:“buyer beware.”

What remains to be seen is how the government will choose to address these issues. In Canada, they are revising their ELD Technical Standards based on their experiences with ELDs to date. In its recently published Unified Agenda, the FMCSA has an NPRM on ELD Revisions scheduled to be released in May 2026. STC is aware that the Canadian authorities and FMCSA are discussing this, and the question remains whether the US will follow the Canadian lead and establish an ELD Certification Program and harmonized standards, or if it will take a different route. FMCSA also recently announced it will be launching two pilot programs that will explore potential modifications to the HOS rules to include examining the impacts of adjusting the sleeper berth splits or pauses to the 14-hour clock. So, we have a bit of a conflict brewing here, with the Agency trying to balance the industry’s need for flexibility while also cracking down on problem actors. Hopefully, the end result will be a win for safety.

Cybersecurity for Smaller Trucking Fleets and Owner-Operators

Ben Wilkins

Heavy-duty trucking is a complex and varied industry. Anyone who has worked as an owner-operator or in a small to mid-sized trucking company knows that nearly everyone wears multiple hats, and there is no shortage of work to be done.

It’s no wonder cybersecurity is often overlooked amidst all the other fires to put out when running a small trucking fleet — until it’s too late.

Cybercrime is growing in the trucking industry, whether that is in the form of ransomware as a service (RaaS), data theft, or cyber-enabled cargo theft.

While there are many cybersecurity frameworks and standards available, they are typically written with an experienced cybersecurity professional or team in mind. And they don’t directly address some of the unique challenges in the trucking industry.

That’s why the National Motor Freight Traffic Association’s cybersecurity team has produced a series of guidebooks to give trucking companies concrete, practical steps to boost cyber-resiliency in an easy-to-read format. Learn more about these guides and get some immediate practical tips in this article.

NMFTA’s Roadmap to Resilience for Trucking Cybersecurity

A strong cybersecurity program relies on key controls that are important no matter the size of the organization. But in many cybersecurity standards, these essential controls can be hard to identify, especially for those without technical expertise. And they’re often presented in a way that feels overwhelming or too complex for smaller organizations to put into practice.

NMFTA’s Roadmap to Resilience resources identify these critical controls, simplify the way they are presented, and tie them directly to the operational needs of trucking owner-operators and small to mid-sized heavy duty trucking fleets.

These resources are broken down into three separate guides, each one targeting trucking operations within a specific size range.

A Cybersecurity Guide for Truck Owner-Operators

As an owner-operator, there are a lot of different duties that must be handled by one person: finding freight to haul, driving the truck, handling invoices and payments, coordinating or performing maintenance, filing legal documentation and taxes. The list goes on and on.

Too often, cybersecurity doesn’t even make the cut. This is not intentional, but simply because the impact of cyber-threats on an individual owner operator is often underestimated.

Even when the owner-operator is aware of cybersecurity concerns, they often don’t have the time, resources or training to design and implement a good cybersecurity plan.

The NMFTA Owner-Operator Core Controls guide provides 10 clearly worded, specific steps that make up the foundation of a solid cybersecurity program for the single owner-operator.

This guide consists of simple behaviors, and free or low-cost controls that can be put in place by anyone, with or without technical training or experience, to dramatically lower their risk of falling victim to a successful cyberattack, or cyber-enabled fraud.

While no security program can remove all risk of a cyberattack, being prepared and implementing the core cybersecurity controls listed in this guide will significantly reduce risk. In the event of a successful attack, they also ensure that the owner-operator is able to recover quickly and experience as little business disruption and financial impact as possible.

5 Cybersecurity Tips for Owner-Operators 

• Regularly monitor your credit and all financial account statements. This will allow you to quickly spot signs of fraud and identity theft. Freezing credit when not actively needed for securing new financing is a great preemptive step as well.
• Understanding your risk exposure is extremely important. Knowing what assets you have (physical and digital), and what risks those assets are exposed to is critical to developing ways to protect against those risks.
• Taking the time to configure settings like strong, unique passwords and multifactor authentication (MFA) on all accounts is a free/extremely low-cost control with a very high return on investment.
• Being aware of what you share online is important. Cybercriminals are very good at taking lots of little bread-crumbs and building a comprehensive enough profile on an individual to effectively social engineer them, extort them, or commit identity theft.
• Develop a security strategy and make sure that it aligns with, and supports, your business strategy.

Cybersecurity for Small Trucking Fleets

Many small, independent trucking operations straddle the line between an owner-operator and a fleet. These organizations may have one truck or 50. They are often in a transition or growth phase as they add more staff and assets.

The cybersecurity requirements to protect these organizations can vary widely based on their scale and operational complexity and so can their available staff and resources with which to address these cybersecurity concerns.

There are a range of different approaches to cybersecurity roles and responsibilities in this segment.

On the smaller end, operations often will have an owner or small team who handles all their own information technology (IT) and cybersecurity needs on top of additional duties.

At the larger end there will often be either a dedicated IT staff member who handles both the operational information technology needs and cybersecurity, or a third-party managed services provider or managed security service provider who handles IT and/or cybersecurity.

To access free resources, visit www.nmfta.org/cybersecurity.

With this range in mind, NMFTA’s Owner Operator and Small Fleet guidebook provides a multi-tiered approach to cybersecurity. This guidebook begins with cybersecurity prerequisites that every organization should put in place as the foundation of their program, and progresses up through initial, intermediate, and advanced controls.

This progressive approach is presented in a way that a non-technical reader will be able fully understand the impact of each control. That will allow them to prioritize their efforts to implement controls internally or to have well-informed conversations with their external service providers to design and implement a robust, right-sized cybersecurity program.

Each tier in this guidebook builds on the controls laid out in the previous tier, allowing organizations to grow and mature their cybersecurity program over time.

3 Cybersecurity Tips for Small Trucking Fleets 

• Understand the various business units in your organization and how the cybersecurity threats they face differ. Some will be universal, but many times different areas of the business will have different threat exposures. Training and cybersecurity controls should be specifically tailored to address those risks in a meaningful way for each business unit.
• Involve business unit leaders in incident response, disaster recovery, and business continuity planning and practice. Do not leave these tasks to IT or cybersecurity alone. The business insights these individuals bring are critical to creating an effective plan or response.
• Ensure that your employees are trained and empowered to report cybersecurity threats that they encounter. Humans are a vital component of your cybersecurity program, and all the technical controls in the world will fail if employees are not properly trained to detect and appropriately respond to phishing, social engineering and fraud.

Cybersecurity for Mid-Sized Trucking Fleets

By the time a trucking operation reaches more than 50 trucks, it’s likely their operational complexity will exceed the scope addressed in the Owner Operator and Small Fleet guide. To create a well-designed and robust cybersecurity program for trucking companies in this range, additional and more technically sophisticated controls must be discussed.

NMFTA’s Mid-Sized Fleet guidebook in the Roadmap to Resilience series is designed with this in mind. This installment speaks directly to the complexity of operations with anywhere from 50 to 3,000 assets.

It is important to note that the variety of different operating methods, business structures, and staffing levels across this segment of the trucking sector is extensive.

Many organizations in this range will have internal IT teams and may even have one or more employees with specific cybersecurity responsibilities. However, other organizations in this range will have little to no internal IT or security staff and will rely extensively on external vendors for their IT and cybersecurity needs.

Similar to the Owner Operator and Small Fleet guidebook, the Mid-Sized Fleet guidebook is divided into four tiers: prerequisites, initial, intermediate, and advanced.

The prerequisite expectations at this scale encompass much of the first two tiers found in the guidance for smaller fleets. Once these controls are in place, the heavy lift begins in earnest.

The initial tier of controls for mid-size fleets focuses heavily on mitigating common attack vectors to the organization’s networks and devices, as well as ensuring comprehensive logging across all systems.

By the time an organization has deployed all of the controls in this section, they are solidly out of “low hanging fruit” territory, and well on their way to becoming a cyber-resilient operation.

Out of Low-Hanging-Fruit Territory

The intermediate and advanced tiers for this guidebook introduce ways to create and maintain a mature cybersecurity program through advanced technical controls, comprehensive cybersecurity policies and documentation, and a holistic approach to cybersecurity and risk management that is aligned with the business goals of the organization.

This in-depth guide to creating a cybersecurity program in a midsized trucking company also addresses the elephant in the room — even with good cybersecurity practices and programs in place, successful cyberattacks are still possible.

That’s why this guidebook provides a roadmap to designing and implementing incident response plans, business continuity plans, and disaster recovery plans. This is a critical phase of cybersecurity planning to ensure that the business impact of any successful cyberattack is minimized.

Done right, managing continuity of operations during and after an incident or attack is a choreographed and well-rehearsed activity including cybersecurity teams, operations teams, and business leadership.

3 Cybersecurity Tips for Both Owner-Operators and Fleets 

• Stay educated about the cybersecurity risks that are relevant to the transportation industry.
• Patch and update all software and systems regularly. This is a common Achilles heel in many organizations. Unpatched vulnerabilities are open doors waiting for threat actors to walk in.
• Prioritize a proactive approach to cybersecurity. Understand that during an incident is not the time to start response planning or to start mapping out what you have for systems and software in your environment.

More Cybersecurity Resources Coming from NMFTA

These three resources represent the first phase of the Roadmap to Resilience project and will be followed in the coming months by two additional resources.

The Cyber-Enable Cargo Theft Prevention Guide will discuss the relationship between cybersecurity, fraud, and strategic cargo theft.

Cargo theft is a widespread issue in the trucking industry and the wider transportation and logistics sector. This resource will provide trucking companies of all sizes with concrete steps that they can take to begin to mitigate their risk from these types of losses.

The Third-Party Vendor Security Checklist will provide clear, concise cybersecurity questions that can guide the process of selecting security conscious, reliable vendors to partner with.

It is important to remember that onboarding any vendor means that their cybersecurity risks add to the existing cybersecurity risks already present in the organization. Ensuring that vendors take the appropriate security measures is a critical step in managing supply chain vulnerabilities present in an organization.

No matter what size trucking company you operate, NMFTA’s Roadmap to Resilience resources will help you design, implement and maintain a robust and holistic cybersecurity program to protect your business from cybercriminals.

There is a common saying in cybersecurity: “You don’t have to be faster than the bear, you just don’t want to be the slowest one running from the bear.”

Lace up your running shoes, grab your NMFTA cybersecurity Guidebook, and put some distance between you and the bear!

The impact of diminishing wireless connectivity on the trucking industry

Angel Coker

Having no cell signal is something out of a horror film. You see the characters reach a rural area with no service, and you know something bad is about to go down.

Wireless connectivity is something most people in the U.S. take for granted, but according to a recent report by J.D. Power, it’s getting worse. The 2025 U.S. Wireless Network Quality Performance Study found an increase of two network problems per 100 uses from nine in the first half of 2024 to 11 in the second half.

According to the report, the average time wireless customers spend on their devices increased 40 minutes compared to the first half of 2024, and more than one-third of Gen X1 and Gen Y uses their phones for more than eight hours every two days, most of which is spent streaming, gaming or browsing.

That increase in demand for bandwidth is causing network problems. Fortunately, the trucking industry, which relies on this diminishing wireless connectivity for the use of technology in trucks, hasn’t experienced a major impact from this … yet.

“I have yet to hear carriers complain about cellular congestion as being an issue,” said Jay Delaney, director of product at transportation management provider Magnus Technologies. “However, with the rapid increase in data (driven primarily by streaming services, which are very data intensive), I suspect we may well start to see carriers being impacted in the near future.”

Delaney said the good news is the data requirements are generally small for most transportation technology compared to uses like streaming, which is what consumes the majority of bandwidth. For example, streaming a movie can take gigabytes of data. He said some newer technology for streaming does some compression that helps so “think 250MB or 250,000,000 bytes.” That’s compared to 2,000 bytes for a typical delivery transaction with up to around 100,000 bytes if scanned images are included.

“Most of the mobile apps can support store and forward capability so that if there is congestion, the message remains in queue and is sent when the congestion softens,” he added. “I think this will have a dampening effect on the transportation industry’s impacts as cellular congestion continues to be a more and more prolific issue for other industries.”

Rand McNally Chief Technology Officer Hans Molin said his company’s technology solutions don’t use a ton of bandwidth, and because the company has already compressed and optimized the data stream coming off the vehicle, it is much less susceptible to connectivity issues.

But that’s not the case with every solution.

That expectation of always being connected, he said, has led many trucking technology providers to build solutions fully around the cloud.

Though cellular coverage is getting better, it isn’t getting better everywhere, Molin said, so system developers for commercial vehicles, which are used for transportation throughout metro and rural areas alike, can’t think with the mindset that service will always be accessible.

“With consumer devices consuming so much more data and people just expecting to stream Netflix 24/7 on their cell phones, I think there’s a lot of focus on (expanding coverage in) the metropolitan areas and the residential areas,” Molin said. “It’s surprising how often I drive on the big highways out in between the cities, and you’ll lose coverage.”

Certain systems still need to work whether wireless connectivity is available or not.

“There are even safety systems out on the market today for commercial vehicles that are fully cloud based. They expect to get a continuous data feed from the vehicle, and then they do something on the cloud, and then they send a real-time alert down to the vehicle, and when the connection isn’t there, that whole thing fails,” Molin said. “If it’s a safety-related system, we have to make sure that if there are areas where trucks drive that don’t have connection … you have to have the backup.”

That’s why Rand McNally offers very few solutions that are purely cloud based, he said. The company always has a device in the vehicle that has processing power onboard, especially if it’s safety critical like lane departure or collision warnings or real-time diagnostics of the vehicle.

If an alert needs to be real time, the company doesn’t use a cloud-based system for that. Instead, Rand McNally uses the cloud more as a support system to augment data.

“Our view is you shouldn’t just do that cloud based on the back end because when the connection goes down – not if, but when – now, you don’t have an alert,” Molin said. “Then I can buffer information. I can augment it and say, ‘This is why it happened,’ or we can look at more than before and after. You can do that on the cloud. You can do that an hour later when you have connection.

“But the instant warning to the driver, that has to be processed on the device, and not every company does it that way,” he added.