As the coronavirus crisis eases in some countries, shipping and logistics companies are set to up the ante when it comes to supply chain operations. But if the pandemic has taught us anything, it’s that criminals are well attuned to the potential vulnerabilities of essential operators.
Recent months have seen a spate of ransomware attacks on logistics companies, and there is little reason to suspect this trend will stop in line with lessening COVID-19 concerns.
Here, we take a look at ransomware. We explore why it’s so problematic for shipping and logistics companies, and go over a few ways companies can protect their systems, and finances, from attack.
What is Ransomware?
Ransomware is malware with a specific purpose: to hold individuals or companies to ransom for financial gain. The malicious software is used by hackers to steal data, lock systems, and disrupt processes. Hackers then offer their victims a chance to get their data or systems back — in return for money.
Ransomware Attacks on Shipping & Logistics Companies
Several key threats to logistics have been noticed during the COVID-19 crisis.
Recently, researchers at threat research group Proofpoint found emails from hackers using the coronavirus as a form of socially engineered leverage. These emails have targeted transportation companies and contain Microsoft Word documents which are embedded with the AZORult malware, an information theft tool. Operators should be on the lookout for emails with the subject line: “Coronavirus - Brief note for the shipping industry.”
The Mediterranean Shipping Company (MSC) was hit by a malware attack that caused a power outage. The outage affected both the company’s main customer portal and website, which in turn, caused revenue losses. Although not specifically tied to the pandemic, this attack came at a time when the company and others were facing pandemic linked threats. Elsewhere, Australian company Toll Group was forced to shut down in February due to a ransomware attack.
Securing Systems: Top Tips for Logistics Companies
Logistics and shipping companies need to mitigate the risk factors by putting a multi-layered approach to cybersecurity in place. This involves ensuring the right security tools are used, staff training is up to date, and dedicated cybersecurity staff is appointed.
VPNs in Offices
If you don’t know what a VPN is, it stands for Virtual Private Network. This security software creates a private browsing network and, in the process, encrypts any information in transmission. VPNs can be installed on individual devices, or better yet for logistic companies, on the router in offices. With its protection in place, data is hidden from prying eyes. VPN is one of the best options for both individuals and businesses to protect internet traffic. If you are interested to know more, visit vpnBustes.
Email Scanners
Owing to the number of threats delivered via email, email scanners should be used in conjunction with staff training to make sure nefarious messages do not reach their target. Scanners trawl through incoming emails searching for suspicious links and then notify the users.
Staff Training
One of the very best ways to minimize the chance of a ransomware attack is by making sure staff are aware of the potential risks. Hackers frequently rely on manipulation and human error to land their targets, so ensuring the staff knows how to recognize a scam is highly important. Logistics companies should regularly train staff and put a culture of cybersecurity in place.
Antivirus & Anti Malware Protection
Company devices should have both antimalware and antivirus programs for optimal protection. Remote staff should also be covered by these tools, particularly when staff is using their own devices for work-related activities as the threat on bring-your-own devices is greater.
Cybersecurity Staff
According to a 2019 report released by EFT, only 35 percent of service providers had a Chief Information Security Officer (CISO) and 43 percent of shipping companies had a CISO. Most concerningly, only 21 percent of logistics companies believed a CISO was necessary.
These figures indicate a trend in the industry to put cybersecurity low on the list of priorities, but as recent examples have shown, the cost of an attack is far greater than the cost of having proper security staff in place.
Hackers are aware of the potential for havoc in the industry and are poisoning themselves to profit from it. However, with a full suite of cybersecurity measures in place, shipping and logistics companies are well-positioned to weather the COVID storm and even prosper as essential services both during the pandemic and when the dust eventually settles.
