As the U.S. freight industry relies more and more on digital connections and pathways to conduct business, security experts warn that “cybercrime” will become an increasingly difficult issue to deal with as more organized criminal groups seek to drive better return on investment (ROI) calculations for their illegal activity.
“Back 10 or 15 years ago, a lot of ‘hacking’ into electronic networks occurred simply for the sake of curiosity. Today though it’s being driven by highly organized criminals seeking to gain significant ROI for their efforts,” Jarad Carleton, principal consultant for the information and communication technology practice at Frost & Sullivan, told Fleet Owner.
“In particular, cyber criminals are targeting small and medium-sized businesses because they are the ones most likely to have cash in the bank,” he explained. “Because smaller firms don’t have the same kinds of credit lines big companies do, they tend to rely more on cash reserves. That’s why you see a lot of focus on them.”
In trucking, the move to creating false pickups to steal cargo is part of this “ROI” focus on the part of criminals, as hacking into networks to acquire shipment information in order to facilitate a false pickup entails a far lower risk project than hijacking a tractor-trailer outright.
“The ability to know where a specific shipment is – especially for high value goods like electronics – makes it easier to steal and more profitable to steal than randomly taking a tractor-trailer on the street,” Carleton noted. “You really have to think about cybercrime as a business now: they want to maximize ROI and minimize risk for their activities.”
"Attackers look for the easiest means of compromise. That's why attacks are moving from more security-mature organizations down to less mature, typically smaller, partners,” noted Dylan Owen, cybersecurity manager for Cybersecurity and Special Missions at Raytheon. “Attackers can exploit the trust relationships between companies to infiltrate well-protected targets through supply chain partners with less security experience."
Owen recently helped author a new report on this issue – entitled Taking Charge of Security in a Hyperconnected World and published by RSA, the security division of EMC – that asserts efforts to improve readiness and response capabilities to cyber threats in the business world must be driven by growing recognition among today's interconnected business communities that organizations must assume broader responsibility for protecting themselves and their business partners.
"We believe organizations are taking a stronger interest in improving security not only to protect their information assets but also their business relationships,” noted report co-author Art Coviello, who serves as RSA’s executive chairman and executive vice president at EMC. “As more organizations take a broader community-minded view of their risks and security practices, information security will improve for all of us."
RSA’s report discerned several “common problems” contribute to the majority of cybersecurity breaches, including:
- Neglecting "security hygiene"– In forensic evaluations following security attacks, missed software updates frequently surface as exploited vulnerabilities.
- Relying exclusively on traditional threat prevention and detection tools– Most security teams still wait for signature-based detection tools to identify problems rather than looking for more subtle indicators of compromise on their own, even though traditional firewalls, antivirus scanners and intrusion detection systems (IDS) cannot discover the truly serious problems.
- Mistaking compliance for good security– Most compliance mandates reflect best practices that should be interpreted as minimum standards, not sufficient levels, of security.
- Inadequate user training– Many companies don't invest enough time and resources in user training, even though users today are the first line of defense against many cyberattacks.
Yet Don Hsieh, director of commercial and industrial marketing for Tyco Integrated Security, stressed there’s another component not to be overlooked when strengthening cybersecurity: limiting the physical access to computers and other sensitive data centers.
“Who has physical access to the data is critical to assess,” he told Fleet Owner. “It starts with determining who needs the data to perform their job, and then establishing policies to ensure only those specific positions can gain access to such information.”
He added that “tagging” certain job titles to specific “zones” such as dispatch, operations, warehouses and loading docks, is another step towards improving the physical security of trucking operations, which in turn can aid in cybersecurity efforts as well.
“Most cargo thefts don’t just ‘happen’ anymore; thieves are now often targeting specific loads based on specific information they steal or have stolen for them,” Hsieh explained. “That’s why there’s a physical component to cybersecurity now.”