The shipping and logistics industry is increasingly the target of cybercrime and ransomware attacks, a trend that has accelerated in recent years. The reason is simple: these companies store and process a wealth of extremely valuable personal information, so a successful attack can be a very profitable exercise. However, the financial and reputational damage these attacks cause can be catastrophic. Organizations should implement state-of-the-art recovery and ransomware protection to enable them to protect and recover data quickly, with minimal damage and loss.
An industry under siege
There are many examples of cyberattacks and data breaches in the shipping and logistics industry, from companies of all sizes. There were also several high-profile data breaches in 2020 and 2021, which shone a spotlight on this beleaguered industry. In April 2020, Mediterranean Shipping Company was the victim of a malware attack that caused the company’s website and customer portal to go down. In June, global conglomerate Maersk reported a cyberattack that caused more than $300 million in losses. CMA CGM was attacked in September, with a breach that impacted its edge servers.
This trend accelerated in 2021. In September, CMA CGM was hit again, this time with an attack targeting customer information. In November, shipping giant Swire Pacific Offshore (SPO) suffered a cyberattack that caused a major data breach that resulted in the loss of confidential business information and personal data.
In December, US logistics company DW Morgan exposed more than 100 GB of sensitive customer and shipping data, including financial, transportation, shipping and personal information. Also in December, Hellman Worldwide Logistics was targeted by RansomEXX ransomware, and more than 70 GB of stolen data, including customer names, user IDs, email addresses and passwords, were disclosed.
Does not discriminate based on size
Although the examples above relate to large multinational shipping and logistics conglomerates, cyber threats affect suppliers of all sizes throughout the supply chain. A case in point is a malware attack against a third-party vendor for Canada Post in May 2021, which resulted in a data breach affecting 950,000 parcel recipients. Another example is a ransomware attack on a small trucking company in the United States, which could have potentially wiped out the entire business.
The reality is that cybercrime does not discriminate based on size, and all organizations throughout the supply chain must take appropriate steps to protect data and ensure the ability to recover from an attack. . While digital transformation can improve efficiency in the logistics industry, it can also introduce vulnerabilities if data security is not a priority.
A multi-level approach
Data security is an essential tool to protect against ransomware, and it should take the form of a multi-layered defense to protect at multiple levels, rely on a zero-trust framework for advanced security, which should be flexible and scalable to meet digital needs. transformation goals.
The first step is to identify, assess and mitigate risk exposure, including implementing tools such as multi-factor authentication and dual authorization. The data should then be locked down and hardened, using airspaces and immutable copies of the data, to reduce the attack surface and better protect the data. Clean backup copies help minimize the risks as well as the downtime associated with a data breach. Active monitoring and advanced threats and anomalies provide early warning of suspicious and malicious activity.
Finally, consistent recovery processes should be in place for all data and workloads to restore where the data is needed. Solutions should also actively work to prevent ransomware file re-infections by deleting suspicious or unnecessary files from backups, isolating suspicious backup copies, and allowing recovery to a safe location.
With the increasing number of attacks in the shipping and logistics industry, data protection is essential. Arguably more important, however, is the ability to recover quickly when attacked. The extended downtime and continued exposure can end up costing millions, and the reputational damage can be severe, not to mention the regulatory penalties associated with leaking personal information. Having an effective recovery strategy and the right tools in place is key to protecting organizations in this vulnerable industry.