Supply chain disruptions have made headlines since the onset of the COVID-19 pandemic, and it’s not slowing down when it comes to cargo theft.
Recently released 2022 data shows that events involving the theft of cargo across the U.S. and Canada increased by 20% year-over-year, according to a study by CargoNet, and more avenues for exploitation are opening as carriers onboard more technology.
Cargo theft continues to plague the supply chain, and experts say cyberattacks as a tactic are becoming more prevalent.
Danny Ramon, intelligence and response manager at Overhaul, said cyberattacks resulting in cargo theft have previously been seen primarily on the West Coast but have begun to migrate east to Indiana, Illinois and recently in Kentucky. Overhaul, a supply chain visibility, risk management and security provider that has mitigated the loss of over $226 million in cargo value through real-time interventions and recoveries, recently acquired SensiGuard security services from Sensitech to boost its capabilities in mitigating risks associated with cargo theft.
“The availability of digital information on a lot of these loads – even just on the public Internet, whether that's load boards or something like that – is pretty ridiculous,” Ramon said. “If you go beyond that and try and imagine if they were to perform some sort of cyberattack and actually get into the systems or networks of some of these carriers, they could really wreak some havoc.”
According to a report from transport and logistics industry software provider Magnus Technologies, it takes transportation companies 192 days on average to detect a breach and another 60 days to contain it.
Bad actors can infiltrate carrier networks to obtain information on a driver, a load or an asset that could aid them in a fictitious pickup, changing carrier or driver assignments and rerouting or changing the destination of a shipment, among other things.
Eventually, a thief may never have to come into physical contact with any cargo at all, Ramon said.
While physical attacks remain the primary form of cargo theft, the industry is gearing up for more cyberattacks, said Scott Cornell, transportation lead and crime and theft specialist at insurance provider Travelers, a member of the non-profit Transported Asset Protection Association, which establishes baseline standards for security across the supply chain, including trucking facilities. He said TAPA recently released standards around cybersecurity.
“We're driven by the fact that as the global supply chain becomes more automated, we believe it's going to be critical to stay ahead of potential threats,” Cornell said. “So, the use of cyber methods to commit theft or disruption in the supply chain is something that everybody's trying to keep an eye on.”
Travelers’ special investigations group does a lot of recoveries, he said, but the company spends as much time, if not more, working with clients to teach them prevention methods. The insurer offers a cyber risk pressure test to help customers understand where they stand.
Cornell said the key is to be more proactive than reactive, implementing security measures and gathering resources in advance.
“Strategic cargo theft involves the use of fraud to trick shippers, brokers and carriers into giving away loads to cargo thieves. To prevent this, businesses should thoroughly vet any carriers or brokers they do business with by using third-party vetting companies, industry associations, etc.,” he said. “Basic types of cyberattacks are more commonly being used to aid in committing cargo theft; implementing strong cybersecurity practices can help recognize and prevent many of these attacks. Businesses should prioritize protecting their online profiles using cybersecurity tools including antivirus software, two-factor authentication and other network defenses.”
SkyBitz offers solutions for both cyber theft and physical theft like cargo cameras and door sensors. Randy Clayton, divisional vice president of engineering at SkyBitz, said technology is the enabler of potential loss, but it’s also the solution.
He said physical security is generally the front line of defense for protecting cargo, but the automated detection mechanisms that are available essentially turn that into a data, which then creates the potential for a cybersecurity issue.
“You have to be very careful when you're applying your physical security measures that are essentially turning that physical security monitoring into a data element,” Clayton said. “You have to be careful that you're also protecting that physical security information data but also the points of ingress and egress into the customer systems that receive that data.”
Carriers are connected to many systems that share data, from electronic logging devices and transportation management systems to telematics and cargo sensing devices, among others. They’re also connected via APIs to outside entities. This provides hackers with a plethora of outlets to access data like driver and carrier information, location of assets and cargo and type and value of cargo, allowing them to make targeted attacks.
Clayton said carriers need to ensure their vendors are taking care of their data, and they need to update their software as much as possible.
“It’s more than just being diligent about it; it's actually being vigilant about it. You have to be very aggressive in the way that you protect your data,” he said. “Treat all data as if it's important because you don't know what the value is that an attacker may be able to place on a piece of data that you may feel is benign. It's highly likely that the next piece of data that an attacker may find is just the last piece of a puzzle for them that they're trying to put together.”