Shipping and Logistics Companies Beef Up Cybersecurity

Leo Maheras |

As many learned during the early months of the COVID-19 pandemic, even seemingly minor disruptions in the supply chain can have potentially catastrophic consequences.[1] As a result, many shipping and logistics companies are studying the weaknesses in their cybersecurity strategies and devising ways to avoid attacks.[2] What cybersecurity threats are these companies facing in 2021, and how are they fighting back?

Ransomware Can Devastate Time-Sensitive Industries

One of the biggest tools scam artists use in attacking shipping and logistics companies involves ransomware. This is a type of malware that, when accessed by the victim, can allow the scam artist to take control of the victim's computer (and, in many cases, the entire internal network to which it is connected).[3] Once the scam artist has gained access, they will lock legitimate users out—offering to return access in exchange for a ransom, which is usually paid in cryptocurrency so as to be relatively untraceable.[4]

For companies that depend on the ability to get items to the proper destination, being locked out of databases for any period of time can be devastating. In many cases, it makes more financial sense to pay the ransom than to face the potential losses (and lawsuits) that can come from a breach.[5] And from the hacker's perspective, these companies tend to have access to large amounts of cash more often than companies in other industries, making them an attractive target.[6]

How Shipping and Logistics Companies are Responding

These industries have some unique challenges when it comes to improving cybersecurity. Because they necessarily involve employees on the move, it's more common for employees to transact business over less-secure cell phones and tablets, increasing the number of opportunities for a breach.[7] And many shipping and logistics companies tend to use independent contractors instead of employees; without the employer-employee relationship, it can be tougher to require that certain security measures be taken.

However, there are a few protective measures that many companies are focusing on in 2021. The first involves mobile security. Companies that permit employees and contractors to use their personal mobile devices can mandate certain security updates that should protect against the most common types of attacks. Other companies are moving away from allowing employees to use their own devices at all, investing in company-owned devices and secure hotspots to ensure that there aren't any gaps in coverage.

Shipping companies that use electronic logging databases (ELDs), or GPS-enabled devices that can make it easier to track packages, are also cracking down on vendors.[8] By ensuring that ELD vendors are validated, companies can reduce the risk of having these devices hacked and used to extract a ransom.

Regardless of what steps a particular company is taking, it's important for all companies to stay up-to-date on the latest developments in cybersecurity. The quickly evolving nature of technology means that cyber-criminals are often a step ahead; only by constantly evaluating and improving your own cybersecurity measures can companies reduce the risk of a devastating attack.

Important Disclosures:

The opinions voiced in this material are for general information only.

This information is not intended to be a substitute for individualized legal advice. Please consult your legal advisor regarding your specific situation.

All information is believed to be from reliable sources; however LPL Financial makes no representation as to its completeness or accuracy. 

 

[1] https://www.ey.com/en_us/supply-chain/how-covid-19-impacted-supply-chains-and-what-comes-next

[2] https://www.supplychaindive.com/news/coronavirus-pandemic-cybersecurity-supply-chain-iot/586335/

[3] https://www.coindesk.com/bitcoin-is-aiding-the-ransomware-industry

[4] https://academic.oup.com/cybersecurity/article/5/1/tyz003/5488907

[5] https://www.zdnet.com/article/why-and-when-it-makes-sense-to-pay-the-ransom-in-ransomware-attacks/

[6] https://www.forbes.com/sites/oliverwyman/2017/06/28/time-for-transportation-logistics-to-up-its-cybersecurity-as-hackers-put-it-on-target-list/?sh=3b03875f6fb9

[7] https://www.forbes.com/sites/tmobile/2021/02/24/5-reasons-hackers-target-mobile-devices-and-how-to-stop-them/?sh=17c4e34e7b28

[8] https://securityintelligence.com/articles/cybersecurity-attacks-shipping-and-logistics/

 LPL Tracking 1-05146018