Transportation a top 10 target of cyberattackers, cases nearly triple last year

Jason Cannon

 

A recent study conducted by data collection experts SOAX, utilizing data from the Identity Theft Resource Center on the number of data violation cases from 2020 to 2023 by industry, revealed the United States experienced a total of 3,205 data breaches in 2023, a 78% increase from 2022.

The transportation industry saw 101 data violation cases last year. The number of cases is up more than 181% from the year before, and the 101 incidents logged last year match the total number of cases from 2020, 2021 and 2022 combined. Of all the segments ranked by SOAX, no other industry saw a larger year-over-year increase than transportation, with only the financial services sector coming close (177%).

“While the study highlights a significant increase in cyberattacks across all sectors, the particularly steep rise in the transportation sector underscores the urgent need for enhanced cybersecurity measures,” Stepan Solovev, CEO and Co-founder of SOAX told CCJ. “Cyberattacks affecting public services such as transportation could majorly affect the day to day lives of average Americans, as shown by the staggering 12 million victims who were impacted by cyberattacks within the transportation sector in 2023.”

Troubling news for trucking’s transition to battery electric trucking is that, despite ranking fourteenth with just 44 data breach incidents, the utilities industry had the highest number of victims in 2023, according to SOAX. A staggering 73 million individuals were affected by data breaches within this sector, highlighting its vulnerability and making it the most at risk for aggressive cyberattacks targeting people.

“The study has identified a concerning sharp rise in cyber incidents across all US industries in 2023, which is particularly alarming,” said Solovev. “The increase in attacks demonstrates that cybercriminals pose an increasing threat. Industries must adapt and evolve with these technological advancements to ensure they are protected from cyberattacks.”

The transportation and shipping sectors generated 53% and 45% of global ransomware detections, according to data from cybersecurity company Trellix.

“The last six months have been unprecedented – a state of polycrisis remains and everything from elections to warfare to law enforcement activity have accelerated cyber threat actor activity globally. We’re seeing radical shifts in behavior,” said John Fokker, Head of Threat Intelligence at Trellix. “The cat and mouse game of cybersecurity is becoming more complex. Security leaders need more operational threat intelligence in order to outpace cybercriminals.”

2023 FMCSA Audits Year in Review

FMCSA and its state partners conducted more than 12,300 investigations in 2023 and continued its shift to more on-site audits, up 13% over 2022.

Daren Hansen

For the third year in a row, more DOT audits are being performed on-site. As a result, investigators are finding more serious violations and issuing more penalties than in years past. Are you prepared for an auditor’s knock on your door?

The Federal Motor Carrier Safety Administration (FMCSA) relied heavily on off-site audits during the peak of the pandemic, performing more than half of its audits remotely. Last year saw a continued shift towards getting auditors back out into the field, where fully 80 percent of audits were performed.

Odds Are, You Have Violations

Why is the location of an audit important? On-site audits bring much more scrutiny — more interviews conducted, more documents reviewed, more vehicles inspected — so it’s no surprise they’re uncovering twice as many acute violations (the most serious kind) as they did just a few years ago.

If you think you’re too small for an audit or would survive one unscathed, consider this: fully 94 percent of audits resulted in violations last year, and over half (54 percent) were of companies with fewer than 7 power units. About 97 percent of those audited had 100 or fewer units.

If you’re not quite ready for that knock on the door, it’s time to get prepared for a DOT investigation of your compliance program, especially your documentation.

Comprehensive Audits Up 13%

In 2023, the FMCSA and its state partners performed over 12,300 investigations, down slightly from 2022, but the decline was limited to off-site audits. The total included roughly:

  • 4,100 on-site comprehensive audits (up 13%)
  • 5,800 on-site focused reviews (up 8%)
  • 2,200 off-site audits (down 34%)

Complete Records are Vital

The state of your documentation will make or break your audit results, and meticulous recordkeeping has never been more important.

If you’re unsure where to begin preparing for an audit, getting your DOT-mandated paperwork in good shape is a great place to start. About 65 percent of all critical violations found during audits last year related to recordkeeping, including 7 out of the top 10.

Why does it matter? Consider a favorite target: false logs. If an auditor discovers that just 10 percent of your drivers’ logs are falsified, the best you can hope for is a Conditional safety rating. If additional violations are found, you could easily face an out-of-service order.

A comprehensive, on-site audit is the most intensive, potentially taking several days and involving an in-depth document review, interviews, and inspections covering all aspects of a motor carrier’s operations. An off-site audit involves a review of documents sent to the auditor, making it less stressful and intrusive.

Nearly half of audits in 2023 were “on-site focused,” where the auditor comes on-site and targets a specific safety problem, such as hours of service (HOS) or driver files, typically as a result of poor Compliance, Safety, Accountability (CSA) scores.

More Serious Violations, More Conditional Ratings

As noted, an increase in on-site audits means more serious violations are being found and higher penalties are being paid. Last year saw a 5-percent increase in investigations that led to either acute or critical violations, the types that can impact your safety rating. As a result, there was an uptick in carriers that received a Conditional safety rating last year.

More than 1 in 4 audits resulted in a fine, and both fine amounts and the number of enforcement cases ticked upward in 2023. When fines are levied, they are higher than ever — the maximum fines allowed by law are tied to inflation and have increased by 17 percent over the past three years.

2023 By the Numbers

  • 94% of audits resulted in at least one violation
  • 26% resulted in fines or other penalties
  • 3,830 enforcement cases were finalized (up 6%)
  • $26,700,000 in fines were collected (up 4%)
  • $7,000 was paid per settlement, on average (up 2%)
  • 52% of audits resulted in acute or critical violations (up from 47%)
  • 32% of audits resulted in critical violations (up from 30%)
  • 20% of audits resulted in acute violations (up from 17% and double the percentage from 2020)
  • 35% of audits resulted in a less-than-satisfactory safety rating
  • 29% were Conditional (up from 28%)
  • 6% were Unsatisfactory (no change)

Audits are not only hitting motor carriers’ bottom lines; they’re having long-range impacts since less-than-satisfactory safety ratings can lead to lost business, higher insurance rates, and increased liability in court.

Top 5 FMCSA fines of 2023

  1. $426,210 — Violating OOS order, denying access, HM violations, false logs
  2. $160,000 — HM violations
  3. $135,390 — Random drug testing & CDL violations
  4. $126,960 — Driver qualification violations
  5. $111,410 — Log falsification & vehicle maintenance violations

 

Note from Dennis McGee:

(While conducting mock audits, I find many truck drivers using “yard move” at truck stops, shippers and receivers in areas which are OPEN to the public. Consequently, with the FMCSA’s current definition of “yard move”, these are false log entries. Currently, the “yard move” must be in an area NOT open to the public.

“Driving” time or “Line-3” time is considered time behind the wheel of a commercial motor vehicle that operates on a “highway” per 49CFR part 390.5. A

Trucking Leaders Discuss Impact of Safety Culture on Operations

Insights Offered During TCA Session Intended to Help Drivers Minimize Accidents

Eric Miller

INDIANAPOLIS — Three trucking and insurance executives offered advice on how leaders can adopt technologies and impact their companies’ safety culture from the executive suite during a session at Truckload Carriers Association’s 2024 Safety and Security Meeting.

The discussion also was intended to help truckers gain insight into the steps and strategies involved in achieving minimal accidents within an organization, their key meaningful metrics and the importance of leaders’ roles in fostering a safety-oriented environment.

“One of the things that I look at more frequently is speeding,” Fortune Transportation Co. CEO Perry Olson said June 2. “Not so much as speeding, but where it’s occurring.

“If I’ve got somebody speeding in Montana on an interstate, that’s not where I need to focus. But if I’ve got somebody who’s speeding in a construction or a school zone, that’s more important.”

Olson said he also keeps an eye out for the different problems that individual drivers have beyond the Federal Motor Carrier Safety Administration’s Compliance, Safety, Accountability metrics and operations.

“I think we all understand that safety is not negotiable,” Kriska Transportation CEO Mark Seymour said. “You can save a little money now, but you’re going to pay for it later. It’s tough to restart what you’ve stopped. It needs to be there all the time.”

Asked what tech he deploys, Olson said he sees great value in the use of forward- and driver-facing cameras.

“There’s virtually zero debate about the value of forward-facing cameras,” Olson said. “But we employed driver-facing cameras in the early days. Driver-facing cameras provide data, but then what do you have to do with that data?”

“We don’t deploy driver-facing cameras, but forward-facing cameras are the technology that’s been the biggest differentiator in recent years,” Seymour said. “Not just for coaching, but for accident mitigation, accident responsibility and awareness.”

Mike Miller, general manager for Progressive Insurance Fleet Programs, said insurance companies are using data to create metrics.

“Over time, lots of vendors are working with the data to give you some ideas about behaviors,” Miller said. … “You want to either have the data, or you don’t want to have the data. Understand that insurance companies are going to be looking at that, and it’s going to affect your rates over time.”

Seymour said, “Over the course of my career, we have had about 25 acquisitions. But by no means do I want to profess that we’re good at it — but rather we’ve done a lot of it.

“You can’t fix broken. You can’t fix stupid. You can’t fix ignorance. Safety has to be a critical component. As we acquire businesses, we’ve not batted 1.000; we’ve made some mistakes. I’d say now after we have made those mistakes we understand how important it is to ask the right questions.”

Another important issue related to safety is to have your operators under supervision, Seymour added.

“There’s no greater value in your business than having your professional operators report to someone,” he said. “Typically, they’re the only people in your organization who generate revenue. How can they not be important enough to know who they report to?”

Update on Relevant U.S. Regulations

PHMSA Requests Comments on Multiple Hazardous Materials ICR

On May 10, the Pipeline and Hazardous Materials Safety Administration (PHMSA) requested comments on multiple hazardous materials information collection requests (ICR), including the Flammable Cryogenic Liquids ICR, the Response Plans for Shipments of Oil ICR and the Requirements for United Nations Cylinders ICR. Comments are due by July 9.

 

PHMSA Issues Correction to Harmonization with International Standards Final Rule

On May 9, PHMSA issued a correction to the Harmonization with International Standards final rule. The corrections address several errors to the hazardous material entries in the hazardous materials table. This correction is effective May 10.

 

FMCSA Requests Comments on VBC Petition for Inconsequential Noncompliance

On May 8, the Federal Motor Carrier Safety Administration (FMCSA) requested comments on Volvo Bus Corporation’s (VBC) petition for inconsequential noncompliance and has determined that certain model year 2009-2023 Volvo 9700 buses do not fully comply with Federal Motor Vehicle Safety Standard No. 108, Lamps, Reflective Devices and Associated Equipment. Comments are due by June 7.

 

FMCSA Requests Comments on Licensing Applications for Motor Carrier Operating Authority ICR

On May 7, FMCSA requested comments on the Licensing Applications for Motor Carrier Operating Authority ICR. The ICR applies to: (1) existing registrants (i.e., entities that already have a USDOT number and/or operating authority) that are subject to FMCSA’s licensing, registration and certification regulations that wish to apply for additional authorities; and (2) Mexico-domiciled carriers that wish to operate beyond the U.S. municipalities on the U.S.-Mexico border and their commercial zones. Comments are due by June 6.

 

FMCSA Requests Comments on Motor Carrier Records Change Form ICR

On May 7, FMCSA requested comments on the Motor Carrier Records Change Form ICR. The purpose of this ICR is to collect information required by the Office of Registration to process name changes, address changes and reinstatements of operating authority for motor carriers, freight forwarders and brokers. Comments are due by June 6.

 

FHWA and NHTSA Publish Joint Final Rule on Uniform Procedures for State Highway Safety Grant Programs

On May 6, the Federal Highway Administration (FHWA) and the National Highway Traffic Safety Administration (NHTSA) published a final rule amending the uniform procedures implementing the State Highway Safety Grant Program to waive, for fiscal 2025, the requirement that targets for the common performance measures be identical to targets in the State Highway Safety Improvement Program. This final rule makes a corresponding change to a similar requirement in FHWA’s performance management regulation. This final rule is effective May 6.

 

NHTSA Requests Comments on Examining Distraction and Driver Monitoring Systems to Improve Driver Safety ICR

On May 6, NHTSA requested comments on the Examining Distraction and Driver Monitoring Systems to Improve Driver Safety ICR, which is part of a study to improve NHTSA’s understanding of the differences in approaches to driver state detection and the potential safety impacts of driver monitoring systems. Comments are due by June 5.

 

FMCSA Requests Comments on Updating Level VI Out-of-Service Criteria Incorporation by Reference

On May 3, FMCSA requested comments on the proposed amendments to the hazardous materials safety permit regulations to update the incorporation by reference of CVSA’s “North American Standard Out-of-Service Criteria and Level VI Inspection Procedures and Out-of-Service Criteria for Commercial Highway Vehicles Transporting Transuranics and Highway Route Controlled Quantities of Radioactive Materials as Defined in 49 CFR Part 173.403” to reference the 2024 edition. Comments are due by June 3.

 

FMCSA Announces Upcoming Registration Modernization Stakeholder Day

On May 1, FMCSA announced a virtual Registration Modernization Stakeholder Day to hear stakeholders’ perspectives on improving the registration experience with FMCSA. The virtual public meeting will be held on May 29, and advance registration is required.

 

Update on Exemptions

 

FMCSA Grants Gemini’s Intellistop Module Exemption

On May 10, FMCSA granted Gemini Motor Transport LP’s (Gemini) application for an exemption to allow it to operate commercial motor vehicles (CMV) equipped with a module manufactured by Intellistop Inc. (Intellistop), which is designed to pulse the required rear clearance, identification and brake lamps from a lower-level lighting intensity to a higher-level lighting intensity four times in two seconds when the brakes are applied and then return the lights to a steady-burning state while the brakes remain engaged. The agency has granted the exemption to Gemini, determining an individual and easily identifiable motor carrier operating a finite number of CMVs would likely achieve a level of safety equivalent to, or greater than, the level of safety achieved by the regulation. This exemption is effective May 10, 2024, and ends May 12, 2029.

 

FMCSA Denies Pitt Ohio’s Exemption Request from SDAP Program Requirements

On May 9, FMCSA denied the application from Pitt Ohio Express LLC (Pitt Ohio) to exempt its drivers from one of the requirements in the agency’s Safe Driver Apprenticeship Pilot (SDAP) program. Pitt Ohio requested an exemption allowing it to use drivers under age 21 holding a commercial learner’s permit and operating CMVs in interstate commerce to participate in the SDAP program. FMCSA analyzed the application and determined that there is insufficient basis to conclude that the exemption would likely achieve a level of safety that is equivalent to, or greater than, the level that would be achieved absent such exemption.

 

CVSA Updates Three Inspection Bulletins

At the CVSA Workshop last month, the following inspection bulletins were updated:

  1. 2021-05 – Acceptance of Electronic Documents
  2. 2017-02 – Securement of an Intermodal Container on a Container Chassis Vehicle
  3. 2012-04 – Hydraulic/Electric/Surge Brake System and Light-Duty Trailer Inspection Procedure

DOT Announces New System of Records on Hours-of-Service Data Related to Electronic Logging Device Records

The United States Department of Transportation (DOT) proposes a new system of records titled “DOT/FMCSA 014 Electronic Logging Device (ELD) Records.” This system of records is used to facilitate the retrieval, transfer, and collection of hours-of-service (HOS) data from electronic ELD files submitted by motor carriers and the review of HOS data by authorized safety officials. The system retrieves data recorded by a motor carrier’s ELD via an ELD output file. Upon receipt of this ELD output file, the system analyzes the data, identifies instances of potential noncompliance, and notifies the authorized safety official of these instances. FMCSA maintains ELD data for use in investigations and enforcement actions and to determine compliance with HOS requirements. The primary purpose of the ELD system is to allow authorized safety officials to assess electronic ELD files rapidly and accurately at roadside and during reviews and safety audits to determine whether the driver is in compliance with the HOS regulations. The ELD system will also be used to assess whether ELDs meet certain technical specifications that are set forth in the HOS regulations. Additionally, the Agency may use ELD data internally to inform research efforts related to enforcement of safety regulations, including driving hours, as such research may ultimately improve compliance with HOS requirements.

AT&T outage leads to ELD, tech concerns for truckers

Mark Schremmer

A large-scale AT&T outage on Thursday, Feb. 22 raised questions about how truck drivers can remain compliant if their electronic logging device stops working.

The short answer is that truckers may have to turn to paper logs to track hours of service, which was the norm before ELDs became federally mandated in 2017.

“If the ELD goes down and they can’t transfer the information … the safety official will use the ELD display or the printout to verify compliance,” said Tom Crowley, a compliance and regulatory expert for the Owner-Operator Independent Drivers Association. “The issue becomes if your ELD doesn’t retain that last seven days of information, you’d have to go back and recreate those seven days.”

According to reports, tens of thousands of AT&T customers lost cell service on Thursday. AT&T said that service was restored by Thursday afternoon and that it did not believe the outage to be caused by a cyberattack.

“Based on our initial review, we believe that today’s outage was caused by the application and execution of an incorrect process used as we were expanding our network, not a cyberattack,” the company wrote Thursday evening. “We are continuing our assessment of today’s outage to ensure we keep delivering the service that our customers deserve.”

A cell service outage can be extremely problematic for truck drivers, as the technology can be needed for a wide array of reasons including ELDs, dispatch, mapping, weather forecasts and engine control module updates.

This was the first large-scale outage since ELDs became mandated in 2017.

For truckers who started after the mandate, Crowley voiced concerns about how many know how to fill out a paper log.

“You have a lot of drivers out there who have only used ELDs,” Crowley said. “You hand them a paper log, and they’re going to get lost. People are so reliant on the ELD now to keep track of their time. The ELD tells them if they’re getting close to their hour limitations. Back in the day, that was up to the driver to keep track of their hours. I bet there are a lot of drivers out there who don’t have a clue on how to do a recap.”

OOIDA Executive Vice President Lew Pugh stressed the importance of truck drivers making notations for why they had to move to paper logs.

“Notate why you’re doing what you’re doing,” Pugh said. “Because five months from now and you get audited, we’ve all forgotten.”

Crowley noted that the U.S. Department of Transportation can request logs from up to six months ago.

Pugh said the concerns over a technology outage are amplified “a million times” when we’re discussing autonomous vehicles.

“If an ELD screws up, it doesn’t kill anybody. If an AV screws up, it’s a family of five,” he said.