The Growing Threat of Transportation Cyberattacks

April 20, 2021

When you envision a cyberattack and where it occurs, chances are that you picture it taking place at a bank or a retail store. However, attackers have broadened their portfolios in recent years and set their sights on areas that include the transportation sector.

Here's why the growing threat of transportation cyberattacks is important and what it means for transportation companies, their employees and customers, and the supply chain as a whole.

The Rise of Transportation Cyberattacks

When COVID-19 caused a spike in remote work, many people began relying on transportation networks to safely buy everything they need to live their lives—from groceries to medicine and beyond. Contactless delivery and the essential workers who make it possible have kept society running during a period of unprecedented global disruption.

In turn, the sudden shift to remote work placed incredible stress on the transportation industry, resulting in bottlenecks that delay deliveries.

At the same time, the industry itself has been directly impacted by the pandemic. When truckers and delivery workers contracted the coronavirus, their down time has spelled trouble for the operational efficiently of transportation networks.

Inside of a semi, a man has his hands on the wheel.

Because of these challenges, the transportation industry has experienced a serious uptick in cyberattacks since the start of the COVID-19 crisis. Malicious actors, keeping a close eye on trends and the transition toward working from home, are eager to target any weak links in a business landscape that increasingly relies on technology.

Cyberthreats Targeting the Transportation Industry

Cyberthreats were already a growing concern for the transportation industry before the pandemic. According to the IBM X-Force Threat Intelligence Index 2020, the transportation sector was the third-most attacked industry in 2019, ranking just below finance and retail.

Transportation companies possess a wide array of data that appeal to cybercriminals and nation-state actors alike, including PII information, biographic information, passport numbers, loyalty program information, payment card data, and travel itineraries.

As the report notes, cyberthreats to the transportation industry bring unique risks because they can have damaging ripple effects on other industries that rely on transportation companies to carry out their operations.

Unfortunately, even as the transportation sector has pursued digital transformation improvements to make its operations more efficient, it has yet to respond to increasing cyberthreats with similar urgency.

Recent Attacks on Transportation Companies

Several major transportation companies have fallen prey to serious ransomware attacks during the pandemic. According to FreightWaves, TFI International, one of the largest trucking and logistics providers in North America, was slammed by a massive ransomware attack in April 2020. The resulting breach cost TFI approximately $6 million in revenue.

Although the company chose not to pay the ransom, it's not always easy for businesses to draw a hard line on such demands when doing so may mean painful downtime, damaging data breaches, lost revenue, or a combination of all three.

Blue shipping containers stacked on top of each other.

Trucking companies have been hit hard, too. Daseke, the largest flatbed trucking firm in the U.S., suffered a ransomware attack in August 2020 that led to significant data theft. Like FreightWaves, Daseke refused to pay the ransom. In response, the attackers posted Daseke truck drivers' personal information to the dark web.

Although Daseke did not suffer any operational disruption or a significant loss in revenue, the attack highlighted just how vulnerable many trucking companies remain as cyberthreats grow.

For instance, trucking and logistics company Forward Air was not so lucky. Targeted in a ransomware attack in December 2020, it experienced widespread operational disruptions that prevented customers from booking loads for several days. Since no other company capable of supporting airlines' cargo operations stepped in during the outage, the attack on Forward Air had a knock-on effect on the entire airline industry.

How the Transportation Industry Can Boost Cybersecurity

As these recent attacks demonstrate, transportation companies urgently need to improve their cybersecurity. This is often a matter of national security, as transportation and logistics firms are responsible for ensuring vaccines safely make it to their destinations across the country.

Fortunately, there are a number of steps that these companies can take to ward off damaging attacks while safeguarding critical business, employee, and customer data.

1. Create a Cybersecurity Plan

If your company doesn't have a formal cybersecurity plan, now is an ideal time to create one. Your plan should identify your most important business assets, outline your strategy for protecting them, and clarify who will be responsible for carrying out this strategy.

2. Review Your Cybersecurity Budget

Although the COVID-19 crisis has created budget challenges for many companies, the cost of not investing in proper cybersecurity controls could be higher than you think. It’s wise to prioritize security in your IT budget.

3. Conduct Cybersecurity Awareness Trainings.

Ransomware attacks often begin with a simple phishing exploit. If your employees don't know how to identify a malicious email, they could unintentionally compromise your entire company's security with just a click. Conducting regular security awareness trainings for your entire staff will help employees do their part to defend the business.

Taking the Next Step to Defend Against Increasing Transportation Cyberattacks

Hackers are ramping up attacks on firms in the transportation industry. Although the threat is serious, transportation companies can protect their businesses, their customers, and their employees by taking steps to improve their cybersecurity now. Doing so will help ensure that the transportation industry can continue to serve as an essential backbone during the COVID-19 pandemic and well into the future.

Arctic Wolf, the leader in security operations, protects transportation companies from the growing cyberthreats they face by reducing both the likelihood and the impact of a cyberattack. Contact us today to learn more about how our security operations solutions can better protect your organization from today’s increasingly sophisticated threats.

Previous Article
NIST SP 800-171: What You Need to Know
NIST SP 800-171: What You Need to Know

Learn all about NIST SP 800-171, the 14 categories, and the steps needed to achieve compliance.

Next Article
Understanding the Lines Between EDR, NDR, TDR, XDR, and MDR
Understanding the Lines Between EDR, NDR, TDR, XDR, and MDR

Learn the key differences between today's detection-and-response offerings to find which one is right for y...

×

Get cybersecurity updates delivered to your inbox.

First Name
Last Name
Company
Country
Yes, I’d like to receive marketing emails from Arctic Wolf about solutions of interest to me.
I agree to the Website Terms of Use and Arctic Wolf Privacy Policy.
Thanks for subscribing!
Error - something went wrong!