Tag Archive for: freight

6 lessons learned about cybersecurity and freight in 2021

/in


It was once again another rough year for cybersecurity and freight. The main reason: ransomware attacks, in which criminals encrypt data and demand payment, sometimes in the millions of dollars, in exchange for unlocking it. Even though the U.S. government has been taking an increasingly aggressive approach to fighting ransomware, the attacks have continued. They hit companies across the supply chain, including trucking, logistics, freight factoring, freight forwarding — and even fuel bunkering. Here’s what we learned along the way

1 Big carriers are still in the crosshairs: The cyberattack on Wisconsin-based Marten Transport in October showed yet again that major carriers continue to be vulnerable. Marten never officially described the incident as a ransomware attack. But the company’s description of it in an SEC filing and the appearance of stolen data on a ransomware gang’s leak site suggest one may have occurred. Sources told FreightWaves that the attack brought down the company’s operations system — something Marten disputes. Regardless of what befell Marten, the incident marked the single largest publicly known cyberattack on a major carrier in 2021.

A graphic illustration of two trucks being unloaded and screen displaying "files encrypted' to illustrate an ransomware attack on a trucking company.
Ransomware attacks can cripple operations at trucking and logistics companies by encrypting the data of vital systems. Increasingly, hackers are stealing data, too. (Emily Ricks/FreightWaves)

2 Ransomware remains the No. 1 threat, regardless of how small you are: Ransomware attacks remain the single biggest cyber threat to transportation and logistics companies. While high-profile incidents like the attacks on Colonial Pipeline and JBS Foods grabbed headlines and the attention of the U.S. government, hackers go after companies of all sizes. In February, the manager of a small carrier with 25 trucks shared his harrowing experience of an attack. The hackers also accessed the carrier’s transportation management system, sending screenshots of it — showing the potential for sabotaging trucking operations. “It was very alarming,” the manager said. “They could have cost that side of the business altogether. It’s scary to think about that.” That level of access isn’t unusual in successful…

Source…

Freight brokers urged to increase security in light of pipeline cyberattack

/in


The cyberattack that temporarily shut down the Colonial Pipeline this month serves as a stark reminder that all industries are prone to security threats. A single attack brought the nation to a crawl. Just think of the damage one could cause your operation.

In today’s data-rich transportation and logistics industry, information flows freely from network to network. This is especially true for freight brokerages, which transact large amounts of information both electronically and in the cloud. 

In light of the recent cyberattack, Jamie Cannon, Reliance Partners’ vice president of third-party logistics (3PL), urges freight brokers to examine their cyber risk and insure themselves against damages resulting from such attacks.

Regardless of size, even companies that aren’t household names find themselves victims of digital sabotage, leaving some with heavy financial losses. Though they seem random in nature, these attacks are very much calculated. 

Freight brokers, according to Cannon, hold treasure troves of knowledge on their customers, including sensitive pricing and payment information from shippers and motor carriers. She attests that this puts brokers at an even greater risk than trucking companies.

It’s still unclear how exactly Colonial Pipeline’s network was infiltrated, but cyberattacks are typically perpetuated by similar methods.  

While firewalls are exceptionally good at preventing unauthorized access to one’s network, many hackers gain entry when the door is opened to them. All it takes is the miscue of one employee to inadvertently welcome a host of bad individuals, ultimately compromising the entire network. 

Cannon said, added that the work-from-home business model has put many companies at risk since networks are being accessed from nonsecure locations. 

Phishing is a common method used by hackers to gain access to company data. This often involves baiting unsuspecting employees with emails that can look quite legitimate. “A lot of people are opening [suspicious] emails. There’s certain emails that they shouldn’t respond to, like urgent gift card or wire transfer requests from someone posing as their CEO or…

Source…

Mining company says first autonomous freight train network is fully operational

/in
Autonomous train in Western Australia

Enlarge / Rio Tinto’s AutoHaul autonomous train in Western Australia. (credit: Rio Tinto)

On Friday, major mining corporation Rio Tinto reported that its AutoHaul autonomous train system in Western Australia had logged more than 1 million km (620,000 mi) since July 2018, S&P Global Platts reported. Rio Tinto calls it’s now-fully-operational autonomous train system the biggest robot in the world.

The train system serves 14 mines that deliver to four port terminals. Two mines that are closest to a port terminal will retain human engineers because they are very short lines, according to Perth Now.

The train system took ten years to build and cost Rio Tinto AUD $ 1.3 billion (USD $ 916 million) to implement. The trains are remotely monitored by a crew located 1,500 km (932 mi) away in Perth.

Read 4 remaining paragraphs | Comments

Biz & IT – Ars Technica