By Craig Dancer ,
Transportation Practice Leader
Cyberattacks have fast become one of the major threats faced by organizations across multiple industries. Ransomware, in particular, has seen a staggering increase in frequency and severity, fueled by more sophisticated and persistent attackers.
As transportation companies — ranging from trucking to logistics firms — focused on digitizing their operations, they too have become prime targets for threat actors. Ransomware attacks on transportation companies went up by 186% between June 2020 and June 2021 — the second highest increase recorded by an industry.
These attacks can have overwhelming effects on companies, their partners, and their clients. For a fast-paced industry where every second counts, extended system outages can be crippling, leading to delays, lost business, and long-term reputational damage. The potential consequences of a cyberattack underscores the need for transportation companies to take immediate action to become cyber resilient.
Cyber threats are not a new phenomenon for transportation organizations. Back in 2017, the NotPetya attack paralyzed the operations of an international shipping giant, with the major cyberattack believed to cost hundreds of millions of dollars.
Now, the industry is under increased risk of cyberattacks, mainly due to the tremendous digital evolution that transportation companies have gone through. The past years have seen heavy investment in digitally enabled platforms that would optimize transportation efficiencies. But in many cases, investments in cyber controls did not happen at the same fast pace, leaving those transportation companies vulnerable to cyberattacks.
Let’s take the example of a hypothetical medium-sized logistics company that has moved from manual operations to a digitized process that allows operators to identify the exact location of truckers and match them with cargo that needs to be picked up.
The new system, based on machine learning algorithms, is helping the company become more efficient and is earning it increased business. But when its systems get hacked, the company is unable to locate existing shipments and take on new business. Even a short downtime can cost prohibitive amounts in lost business.
And the company’s inability to book new business is only the tip of the iceberg. The tracking system that keeps tabs on temperature-controlled shipments is also down, and the company’s inability to continuously track perishable goods and ensure they are kept at an optimal temperature could mean that the whole shipment will be deemed spoiled.
Addressing the systems’ vulnerabilities and rebuilding the network could cost significant amounts. And companies that have fallen victim to a cyberattack will need to take steps to track down and eliminate any lingering malware in the system.
Finally, a cyber event can lead to loss of customer confidence and lingering reputational damage, including raising questions on the way the company is managing other risks.
With the transportation industry remaining a high profile target for cyber attackers, companies should consider taking steps to improve their cyber resilience through a three-pronged strategy to help you minimize your risk while preparing for a potential attack, responding during a cyber event, and recovering afterwards.