Recently, increased numbers of cyber-attacks on various industries have officials concerned that the freight transport industry will be at risk of a severe cyber-attack. Although industries like the airline industry have already implemented some protection against cyber-attacks, such as anti-hacking software, many of the nation’s major passenger and freight transports may lack proper defense against these attackers. Researchers have found that various internet brokers have obtained credentials to access different industries’ networks through illegitimate means, the freight transport industry included. Crisis actors have already used such unlawful means to access companies’ logistics systems, allowing them to disrupt or, in some cases, even halt all freight shipping for an extended period. Access to these logistics and control systems could also lead to disruption of rail systems for freight trains, potentially leading to derailments and collisions. As seen in recent months, cyber security disruptions can also affect energy systems and pipelines, which can have a domino effect on related industries that depend on those for daily operations.
Why are Transport and Logistics Companies Being Targeted?
These companies can be very lucrative and appealing targets to hackers and ransomware users for various reasons. The main reason is that these freight transport companies are connected to too many different industries. The sole purpose of a logistics company is to act as a liaison between manufacturers, consumers, and every entity in between. This means that logistics companies have strong connections to an endless number of suppliers, consumers, manufacturers, and retailers all around the globe. Suppose one or a handful of these logistics and supply companies goes down due to a cyber-attack. In that case, hundreds if not thousands of other businesses will feel the effects of the attack, potentially resulting in a significant supply-chain shortage.
The following reason is how ‘new’ these attacks are for this industry. Because these types of attacks have not been common for this industry until recent years, many transport and logistics companies have not invested much in cyber-security and other protections, making them easy targets for motivated hackers. In addition, these freight transport companies are very interconnected with other suppliers and the businesses that rely on them. There are multiple points of access for hackers and ransomware users to infiltrate these logistics companies and the businesses connected to them via internal networks. Lastly, ransomware users can see a high potential payoff with hacking these networks because of the dollar value associated with these companies.
Potential Problems That Could Arise & Problems We Have Faced Already With Cyber Security
As previously mentioned, several issues can arise for freight transporters from cyber security issues or cyber security attacks. One of the most concerning issues is that there could be severe disruptions to the logistic chains of these industries. Because these industries supply so many other businesses and even elements of the government, this could result in severe reductions in the number of supplies and consumer goods headed to these businesses and institutions. Another significant issue is that many freight transporters are now controlled and organized by computer systems. For example, computers partially influence the freight train industry’s schedules. If hackers were to be compromised, this could result in collisions, derailments, and other potential disasters. As an analogous example, a petroleum pipeline was recently hacked. As a result of the cyberattack, the pipeline experienced major disruptions that affected the supply chain, significant fuel shortages while the pipeline was shut down, and it is estimated that nearly 100 gigabytes of data were stolen from the pipeline’s databases. Another problem we have faced is attacks like those experienced by the Danish shipping and freight giant Maersk, who lost $300 million after ransomware disrupted their entire system.
New Laws to Strengthen Cyber Security
This past summer, the TSA came out with policy directives that address some of these concerns with cyber security. Following a cyber-attack on oil pipelines in May of 2021, the TSA implemented policies that required the owners and operators to implement protective measures against cyber-attacks. President Joe Biden also created an executive order that focused on improving the country’s cyber defenses against such attacks. In this executive order, President Biden also called for the federal government to create a safety review board to address cyber security concerns in the freight transport industry. Recently, policymakers in the House of Representatives have also been calling for more policies to be implemented that target the weaknesses in cyber-security in transportation industries, including the freight transport industry. These policies would also require the shareholders of these companies to focus on increased cyber security enhancements and report these upgrades to the TSA.