As a college-educated computer scientist, Bastian Späth understands how IT solutions are developed from the ground up. For more than 15 years, he has spent every workday collecting requirements, finding ideas, developing designs, setting up projects and getting them safely across the finish line.
Cybersecurity: extortion in the supply chain
Congratulations to all logistics professionals! Every single day, they successfully tackle what is currently the biggest business risk in the economy, according to the 2020 Allianz Risk Barometer: securely managing supply chains. Even though they are squarely in the hackers' cross-hairs. Cybercriminals are currently targeting the logistics industry. According to a study conducted by Forrester, a market research outfit, nine out of ten companies become cybercrime victims at least once a year and have to deal with the consequences. How can logistics service providers effectively arm themselves against external attacks and update their cybersecurity?
The threat to the logistics industry has never been so severe, and the environment has never been so favourable for hackers. As digitalisation advances and online commerce grows, data communications over the internet, though still vital (in logistics and in order and delivery channels), are more decentralised than ever before. More and more partners and networks are involved; more and more infrastructure needs adequate protection. To successfully manage this situation, you need to understand the exact threats in order to take effective precautions for greater IT security. The path to better protection and cybersecurity thus starts with a risk analysis of all processes and solutions:
- How many partners is the company exchanging data with? Who are they?
- How many interfaces does the logistics provider use?
- How are the transmission paths secured?
- What safeguards do your own systems have?
- What is the security situation for employees working from home?
- Do the employees know the dangers?
- Is there an IT contingency plan to ensure business continuity?
A logistics service provider can use the answers to these questions to refine its IT security and arm itself against external attacks.
Cyber attacks: what are the threats to cybersecurity?
The biggest threat facing logistics companies is surely the fact that they cannot arrange transports and manage supply chains without access to their data. Hackers exploit this fact over and over again for extortion purposes. Logistics companies cannot access the data that the cyber criminals have encrypted until they have paid the ransom. This poses multiple risks for companies without redundant systems: their business operations could be brought to a standstill by cyberattacks; the company could suffer economic losses; and their relationships with business partners could be seriously damaged. At the same time, they could lose data and thus violate the General Data Protection Regulation (GDPR). Given all these considerations, experts estimate that such cybersecurity incidents typically cost seven-digit sums. This security situation can thus threaten the survival of unprotected freight forwarders and logistics service providers, forcing them to ask a dreaded question: how many days of downtime can such a company survive without lasting damage?
Effective cybersecurity starts with awareness
Understanding your position and the risks it poses is the first and most important step toward greater cybersecurity. Remember: effective protection strategies require a complete understanding of your IT environment. For example, to securely connect supply chains, data communications with partners, suppliers, and networks have to be secured using appropriate cybersecurity mechanisms. In addition, the industry has to securely configure and constant monitor all the interfaces in its transport chains. Vulnerabilities are points of attack, and the full extent of the damage is often not realised until the perpetrators are long gone. In addition, the proportion of employees who work from home has exploded in the past two years without any major preparations, often without taking suitable measures to integrate the employee's home office into the company's security scheme.
People: a cybersecurity risk
In addition to technical cyberrisks, the dangers posed by phishing emails and malware have increased enormously: by as much as 600 percent within one month at the beginning of 2020, according to ENISA (European Union Agency for Cybersecurity). In this scenario, cybercriminals directly target employees through emails or messenger/meeting software and attempt to gain access to the company's IT systems via files containing malware. Companies can effectively counter this approach in two ways. First, by provding regular training to make employees more aware of the threats. This is a good way for logistics companies to head off social engineering, in which criminals pretend to be supervisors and falsely instruct their "subordinates" to make payments into accounts that they control. Second, they can use anti-malware software. For example, file attachments can be opened within an isolated environment and only released to users after passing a security screen. If a company gets hacked despite taking precautions, it must be transparent and act prudently. All its customers and partners need to be informed immediately about the specific event so that they can protect themselves. Keeping quiet about these kinds of incidents increases the risks for everyone involved.
In addition to desktop PCs, servers, and interfaces, companies also need to secure their wired and WiFi networks. Poorly monitored WiFi access points are among the most dangerous vulnerabilities in a company's infrastructure. In addition, more and more peripheral devices such as printers, scanners, and even mobile devices, have provided attack vectors for cybercriminals in recent years. This kind of distributed technology should therefore always be integrated into the security plan using special protection solutions, especially for logistics companies with a large number of access points in their warehouses. Smartphones and portable data terminals (PDTs) for transport can be monitored using mobile device management (MDM) and, in the event of an emergency, locked and wiped to prevent damage from cybercrime.
Cybersecurity: contingency plan and drills are part of the overall plan
If logistics service providers want to effectively counter the risks of cyberattacks and avoid IT failures, they should establish an overall IT security plan based on a thorough risk analysis. The plan must aim to establish end-to-end security, i.e., comprehensive security for all the partners involved in service delivery. To achieve this, logistics providers must consider all the important nodes in their value chains and require a second factor – in addition to a password – in order to log in to their systems. As experience shows, this is the only way they can be sure that they have instituted the necessary safeguards in all essential areas:
- Hardware: servers, desktops, peripherals
- Data exchange: interfaces and encryption
- Employee training
- Regular backups including testing
In addition, logistics companies should have a comprehensive contingency plan that is initiated immediately if hackers manage to penetrate all their defences. Its purpose is to maintain operations in the medium term. Emergency drills are therefore an essential part of any IT security plan.
Cybersecurity deserves your full attention
Logistics runs on data sharing. This simple fact makes it clear why cybersecurity is a top priority for logistics companies and why risk management deserves the attention of senior management. The good news: logistics companies can effectively avoid the main IT risks with a sound IT security plan. However, because cybercriminals are constantly innovating, contingency plans are essential in logistics companies. At least if they want to overcome the risks for good.