Logistics has come into particular focus during the COVID-19 crisis period. Cyber criminals have become aware of this central position of the industry. The increasing number of cyber attacks, also against small and medium-sized enterprises, underlines this. We discuss here which dangers exist and how companies can protect themselves.
The level of digitalisation in the logistics industry, which was given an enormous boost not least by the Corona crisis, optimises processes, increases efficiency and reduces costs. But the networking in supply chains also presents a larger attack surface for cyber criminals.
Furthermore, increased home office activity opens doors for hackers. The connection to the in-house network, without the additional protection of the often better-secured office network, makes it easier for hackers to penetrate company systems. On average, only about three percent of the IT budget is spent on security. This is no longer sufficient and clearly shows that more attention must be paid to this risk.
Which attack methods do cyber criminals frequently use at logistics companies?
This question reveals a clear trend in the use of distributed denial of service (DDoS). In 2020, for example, the transport industry recorded 125 percent more attacks of this type than in the previous year. The hackers' goal here is to flood networks with data traffic in order to impair services and their availability. For example, cybercriminals initiate failures of sensors that transmit real-time environmental conditions or construction details on factory floors. This has a negative impact on the company's success, as it leads to missed schedules and customer dissatisfaction – with lost revenue as a consequential damage.
Furthermore, hackers are increasingly using so-called ransomware, in which encryption software is placed on the computer or in the network. The criminals then demand payment for the release of the data. This is particularly successful in logistics, as supply chains are under enormous pressure when delivering, especially critical medical goods, and are therefore often more willing to pay ransom. Especially smaller companies that are networked in a supply chain with large corporations offer interesting targets. They are used as a kind of backdoor to hack into larger companies and sometimes also come to harm in the process.
How can you protect yourself from these attacks?
First of all, it is important to be clear about the criminals' respective approach. Especially with ransomware, passwords represent a security gap. Bad passwords – i.e. passwords that are too short or always the same – make it easier for cybercriminals to get into the network. All networked devices, even surveillance cameras or routers, offer attack surfaces. Because it is precisely these devices that are often operated with outdated software or with standard passwords. In ransomware attacks, malicious software is often installed by opening links or a file in an email or SMS. The mails are disguised as an invoice, for example. When many companies work together, as in logistics, it is usually not easy to ensure that everyone involved knows exactly which invoices are correct and which are not – at least not at first glance.
The first safeguard, which can often be implemented in SMEs even without their own IT department, is already achieved by simple steps:
- Use strong, different passwords
- Do not reuse passwords; assign an individual password for each page or application.
- At least 10 characters
- Combination of upper and lower case letters as well as special characters
- Alternative: individual, easy-to-remember sentences
(for example: "I like to eat potato soup with sausages")
- Use of a certified password safe or password manager
- Updating software and hardware
- Update the computer and the software used with given updates and patches
- Configure the firewall, the router and the existing technical devices
- Data backup
- Regularly back up to an external hard drive or outside of the computer's access – possibly also cloud-based
- Overview of payments
- Check and confirm changes in a supplier's bank data
- Checking requests via the company's head office; do not rely solely on emails, faxes or unsolicited phone calls
- Monitor expected spend with suppliers against actual spend
- Discontinue unnecessary suppliers at regular intervals
- Consider background checks on suppliers
- Educate employees
- "Zero trust" concept (not to trust any device, user or service inside or outside one's network)
- Do not click on unsolicited links in emails or text messages
- Do not open suspicious or unexpected attachments from unknown sources.
Why should cybersecurity be taken seriously?
Smaller companies in particular are still too hesitant when it comes to protecting their fleet and other company data. A still widespread false sense of security and the sometimes high costs of holistic IT security, in which continuous investment would often be necessary, often represent an obstacle to better protection.
Our advice: Take a close look at your own IT security measures and make an informed decision about which cybersecurity solutions are suitable for your company. Not least in the case of the danger posed by DDoS attacks, it is worthwhile to take a close look at the offers of the available IT service providers, as a common firewall only offers a low level of protection in this case. You certainly don't want to hear the proverb "You learn by doing" as a consolation from your competitor.