Rapid responses to the Coronavirus pandemic leave logistics vulnerable to security breaches. Security and risk teams must remain vigilant and focus on strategic areas.
Despite the current global pandemic, cyberattackers have made it clear they’re not taking any time off. Now that many workers have shifted to working remotely and organizations are distracted trying to handle the virus, security and risk management teams need to be more vigilant than ever.
Cyber Attacks in the Logistics Industry
In 2017, the logistics and transportation industry were subject to their first cyber attack when almost 80 ports and terminals worldwide either stopped working completely or had significant delays. This ransomware attack on shipping giant A.P. Moller-Maersk came with a hefty price tag of after the company had to rebuild its IT infrastructure. Since that time, there have been numerous cyberattacks on the transportation industry, with the latest occurring last month to Mediterranean Shipping Company (MSC), which is the second-largest shipping container company in the world.
Why is the Airline Freight Industry Such a Target?
The challenge of securing the infrastructure of airplanes is cost prohibitive. The airline freight industry also faces the shortage of cyber security experts that are needed to keep the industry safe. According to a , the shortage of cyber security experts worldwide is almost 3 million, which is a risk to businesses, including airline freight companies. In order to combat the risk from cyber attacks, the airline freight industry will need to redirect their efforts regarding cyber security.
Damage to Small and Large Companies Alike
It is not just large logistics companies like MSC that are at risk for cyber attacks. All airfreight companies are at risk for a breach in security too. Since the freight industry is expanding with rapid technological innovation, it is particularly susceptible to these types of attacks. By nature, air freight companies usually have very diverse supply chains that reach across the world, so the transmission of data and information is accessed by many users, such as the air carrier, land transportation, shipper, customs authorities, and warehouses.
The industry is increasingly dependent on information technology to operate its worldwide transportation network. The desire to achieve great efficiencies within this industry means greater reliance on technological systems, which leave companies more vulnerable to an attack. These attacks immobilize the computer systems of airfreight companies. When ransomware gets into a network, it causes all the computers to lock up. The cost to undo this damage is extremely high, not only in the actual dollar amount, but in the delays it causes among the transportation network. A breach of security creates a domino effect along the network that can cause severe delivery issues.
More Breaches Equal Higher Costs
The cost of a data breach is staggering. The average range is U.S. dollars between . This type of event can easily put a smaller company out of business, as loss of customers is the biggest breach cost. However, there are also high costs associated with mitigating the breach, such as investigation, notification, litigation, and penalties and fines.
The high value of airfreight cargo makes them attractive to a security breach. Cyber attacks can ground fleets or control aircraft, which means airlines will be liable for all those involved in the supply chain if the cargo is stolen or delayed. If confidential information is compromised, it could result in large fines for carriers and airports. It is easy to see how a cyberattack can be completely detrimental to a company financially.
However, there is some good news for companies who are concerned about a cyber attack. The quicker a recovery after an attack, the less financial impact and other long-lasting effects on a business. Therefore, it is extremely important that airfreight companies have a plan in place should a cyber attack occur.
How to Protect Against Cyber Attacks
Air cargo shipments and their data system are easy targets for cyber criminals in part because the industry is not quite prepared for them, especially when they are focused elsewhere due to the COVID-19 pandemic. Airfreight companies should secure their systems in one or more of the following ways:
- Utilize the National Institute of Standards and Technology’s (NIST) standards, which include ways to identify, protect, detect, respond, and recover from threats.
- Make sure networks are completely secure. Many times, cyber attacks use similar methods or tactics in all types of industries, whether on an airline or a bank. By acquiring data from other companies and looking for patterns and signals, businesses can reduce the risk of an attack.
- While working from home, make sure that employees are not opening emails or attachments from unknown sources. This is one of the most important ways to stop malicious ransomware. Employees should be enrolled in a cyber security training course yearly and a secure VPNs while working remotely.
- Tie cyber security to the company’s business objectives so everyone takes it seriously. Continued communication about potential threats and ways to avoid them will increase all employees’ awareness.
- Join an organization such as the Airports Council International World or A-ISAC for access to airport-specific cyber threat intelligence and data.
Cyber attacks present a huge risk for airfreight companies and can result in a significant financial obligation and disruption of business. Strategic security plans need to be in place in order to prevent them during the pandemic and after.
Your Trusted Partner
At Red Arrow Logistics, we provide expertise and white glove customer service with fast-growing, complex, and high-value supply chains. As the next-generation model of logistics companies, we offer tailored transportation and logistics solutions — from single shipments to complex over-dimensional and international orders.
Red Arrow offers the scale and scope of services including air, ocean, and ground transportation to meet the budget and schedule requirements of the largest and smallest companies alike. If we can be of assistance, please email us at email@example.com or give us a call at 425-747-7914.