Business & Investment

Six lessons learned about cybersecurity and cargo in 2021

This year was another tough year for cybersecurity and freight. Main reason: Ransomware attack. Instead of encrypting and unlocking data, criminals sometimes demand millions of dollars in payments.U.S. government An increasingly aggressive approach Attacks continue to fight the ransomware. They have hit companies across the supply chain, including trucking, logistics, freight factoring, freight transportation, and even fuel bunkering.This is what we learned along the way

1 The big carrier is still on the crosshairs: Cyber ​​attacks on Marten Transport based in Wisconsin In October, it reiterated that major carriers remain vulnerable. Marten has never officially described the incident as a ransomware attack.But of the company Explanation in SEC filing The emergence of stolen data on ransomware gang leak sites Suggest that it may have occurred.. Sources told Freight Waves that the attack brought down the company’s operational system. This is what Marten disagrees with. Regardless of what happened to Marten, the incident showed a single largest publicly known cyberattack on major carriers in 2021.

Ransomware attacks can ruin the operations of truck and logistics companies by encrypting data on critical systems. Increasingly, hackers are stealing data. (Emily Ricks / FreightWaves)

2 Ransomware is still the biggest threat, no matter how small you are. Ransomware attacks remain the biggest cyber threat to transportation and logistics companies.An incident that attracts attention like an attack Colonial pipeline When JBS Foods With headlines and the attention of the US government, hackers chase companies of all sizes. In February, a small career manager with 25 trucks Shared his miserable experience Of the attack. The hacker also accessed the carrier’s transportation management system and submitted a screenshot of it. This indicates the possibility of obstruction of trucking. “It was very disturbing,” said the manager. “They can completely sacrifice that aspect of the business. It’s scary to think about it.” This level of access is not uncommon in a successful ransomware attack.

See Now: Why Hackers Consider Cold Storage as a “Primary Target”

3 Technology is a double-edged sword: The digital renaissance that dominated transportation and logistics companies was good for the supply chain. Improved connectivity and visibility allow cargo to move in an efficient and reliable way. However, companies can introduce vulnerabilities if they are not careful. Global Tranz Chief Operating Officer Russ Felker told Freight Waves: “Every digital transformation a company makes is a potential security incident.”

A lock displayed on a virtual circuit board to represent cybersecurity along the hood of a truck.
The threatening environment for transportation and logistics companies requires a serious approach to cybersecurity. (Photo: Jim Allen / FreightWaves)

Four Ransomware attacks don’t have to be catastrophic. A successful ransomware attack can bring down your entire enterprise IT infrastructure. This downtime can be very costly for truck and logistics providers, so some companies find it cheaper to pay criminals. According to cybersecurity experts, this kind of catastrophic attack is inevitable. “Many attacks Can be prevented or at least minimized By implementing security best practices, “Jérôme Segura, director of threat intelligence at Malwarebytes, told Freight Waves in May. “But the daily reality is that many organizations aren’t ready and aren’t working well,” Segura said. Hackers often exploit known vulnerabilities in unpatched systems or exploit malware delivered by phishing emails. However, given the vast and complex nature of networks, businesses need to not only try to close all doors, but also train personnel to identify phishing. Defense in depth is needed to prevent the entire network from going down.

Illustration of a man in a thief costume running across 1s and 0s to explain data theft during a ransomware attack.
Hackers often steal data before activating ransomware attacks. (Illustration: TarikVision / Shutterstock)

Five Will you be hacked?Call a lawyer: Cybercriminals typically access and steal data from victims to further exploit ransomware attacks. As a result, businesses face the risks of state data disclosure law minefields and costly proceedings. As a result, companies and their insurance companies spend very little time calling lawyers who specialize in cyber incident response. In July, South Carolina lawyer Carrie Palmer explained How she helped lead a truck company Through the aftermath of the attack. One of the dilemmas facing carriers is whether to pay the ransom. A decision was made not to do something like “we do not negotiate with terrorists,” Palmer said.

Illustration of a burger wearing a striped shirt using a vacuum to extract data from a computer. Shows an article about a cyber thief stealing data.
Marketo leak site operators claim to have stolen data from heavy-duty truck maker Navistar. (Illustration: solar22 / Shutterstock)

6 Worth cyber criminals? After truck maker Navistar was the victim of a cyberattack, data stolen from the company appeared on a dark web marketplace called Marketo.and Interview with Freight Waves, The site operator has sought to differentiate itself from cybercriminals engaged in ransomware attacks. “We don’t encrypt the data,” Marketo said. “We do not interfere with the work of the network, do damage and try to close the company.” Such an attack “contrary to our moral principles,” the group said. Marketo’s allegations are suspicious, as the group posted data stolen during the ransomware attack. But even if Marketo tells the truth, mere data theft can be incredibly costly.Navistar is itself Facing proceedings related In a data breach trusted by Marketo.

read more

Click to see more Freight Waves articles by Nate Tabak

Six lessons learned about cybersecurity and cargo in 2021 Six lessons learned about cybersecurity and cargo in 2021

Back to top button