Cybersecurity in logistics

Cybersecurity is a foremost concern for logistics companies that have multiple touch points with ships, trucks, airplanes, IoT devices and share information with numerous partners over uncontrolled networks during the shipping process. This large “threat surface” makes them prime targets for cybersecurity attacks.

The impact of a cyberattack on a logistics operation can be huge and potentially cause a?doomsday scenario for the enterprise as they could:

• Lose valuable data about inventory, delivery, arrival/departure times, and operations data related to cargo, air, trucks etc. to cyber criminals with no way of retrieving this data beyond than paying a hefty ransom.
• ?Lose long-time customers and/or have to pay huge fees to compensate customer delays.
• Have malicious groups tamper with their operations causing havoc to them and their partner organizations impacting logistics and causing billions of dollars in revenue losses

In the recent past, numerous direct and indirect cyber security attacks on logistics companies have exposed the fragility of global supply chains. Some examples are:

• SolarWinds was the most significant cyberattack of 2020. An estimated 18,000 organizations were impacted by the attack, including both public companies and US government organizations. On average, the cost of the attack to each impacted company is estimated at $12 million.
• After trucking and freight company Forward Air was impacted by a Hades malware infection it had to take all its IT systems offline to prevent spread which caused a major impact to its business operations.
• Expeditors International of Washington incurred a cyber attack in February of 2022 and it is still struggling from the aftermath including a lawsuit from their customer iRobot seeking compensation for delays and lost business.
• NotPetya was a targeted supply chain attack against organizations in Ukraine which impacted Danish company Maersk because it was interfacing with one of the targeted companies. The attack exploited a known Microsoft vulnerability for which a patch was released but not applied on all of Maersk’s systems. After the initial breach the malware spread rapidly through Maersk’s global systems at which point a decision was made to showdown all of its systems. For 3 days,Maersk’s entire tracking operation was offline which caused huge delays. It took Maersk 10 days to fully recover their IT infrastructure.

How can companies handle cyber security??

Logistics companies have to take wholistic view of their entire operations and institute pro-active measures to address cyber security. Some actions they could take are:?

Understand risks of cyber attacks: Logistics companies must understand that they are vulnerable to cyberattacks and engage security experts to establish a governance structure for risk identification and mitigation. The need to understand all the possible impacts on critical business systems and ways to quickly recover in the event of an attack which could bring down their entire operation.

Conduct risk assessments and audits of third parties: Given that logistics companies have to work with numerous partners, they should establish stringent processes for third parties with whom they share sensitive information and also conduct regular audits of third parties to ensure compliance to security standards. Embed clauses related to security audits in service level agreements and contracts to ensure that these companies follow basic security principles.?

Keep all systems up-to-date: Regularly update all their servers, desktops, IoT devices, network devices. Invest in technologies to detect systems which are not up-to-date and track devices that have left the control of the organization. Continuously monitor systems which interface with partners and/or external customer facing systems for any suspicious activity.

Keep remote end-points secure: Secure remote end-points by implementing scanners to detect suspicious activity across incoming/outgoing data through these systems.??

Separate network for IoT devices: Create a separate network for IoT devices to ensure that any compromise of these devices does not expose their entire system.

Educate employees: Train employees on the latest cyber security attack modes like phishing scams and conduct mock security exercises to prepare employees to not open or download any suspicious links or files.

Hire third party security vendors: Hire third party vendor to do independent audits of their and their partner systems. These third party companies would be aware of the latest security threats and would help ensure that all systems are protected from malicious attacks.?

Logistics companies needn’t be hapless victims if they take a pro-active approach to mitigating the risks associated with cyber attacks.