Supply chain cybersecurity and modern-day cargo theft
In 2024 alone, $700+ million worth of cargo shipments were stolen. Modern heists bear little resemblance to the dramatized versions on shows like The Sopranos or Goodfellas. Today’s hijackers don’t need guns or elaborate schemes; all they require are login credentials to access billions of dollars in global shipments. While technology has revolutionized global logistics and helped meet growing customer expectations, it can also make shippers and manufacturers more vulnerable to losing massive amounts of cargo each year.
The supply chain is no stranger to major disruptions (like the Francis Scott Key Bridge collapse and the ongoing Houthi rebel attacks in the Red Sea) that cause millions in lost revenue a year. These losses can often be mitigated by technology that gives users access to global shipping schedules on high-traffic routes. However, it can also make companies a target. Port operator DP World was the victim of a breach that forced operations to be suspended for three days last November, resulting in major delays for over 30,000 shipping containers. Companies relying on the supply chain hold a treasure trove of information cybercriminals want. By accessing critical data through a breach, these cybercriminals can pinpoint the exact location of valuable shipments and steal them directly from ports, railyards and airports, putting the global supply chain industry at immense risk.
Where logistics companies are vulnerable
One of the most significant vulnerabilities in any organization is its personnel. Cybercriminals frequently exploit human error to gain access to sensitive information. Whether it’s an employee loading cargo onto a container ship or a C-Suite executive analyzing shipment performance, all personnel are equally susceptible to falling victim to cybercriminals through various schemes.
- Phishing: On average, 30% of adults fall for phishing schemes in the United States. Despite company trainings and technology to block email scams, phishing remains a prevalent threat to business security and revenue. Cybercriminals often impersonate company leaders or colleagues, often targeting new hires, to lure employees into divulging their login credentials. Executive new hires can be the perfect target for these types of attacks. Their high-level clearance offers cybercriminals greater access to confidential information and logistics systems. By gaining these credentials, cybercriminals can infiltrate the logistics software suite and monitor a shipment’s movement from point A to point B, leading to potential theft.
- Stolen credentials and session tokens: Clicking on malicious links can lead to stolen session tokens that go unnoticed by the employee. Once an employee enters their login information on a compromised site, cybercriminals can capture and use these credentials to access company systems, a valuable shipment’s precise location and even the ETA of cargo. This unauthorized access can be prolonged, allowing cybercriminals to gather insights over an extended period without being detected.
Securing the supply chain: What the future holds
The reliance on passwords continues to be a major security flaw for the logistics industry. Studies show that over 50% of employees use the same password across multiple work-related accounts. Each employee builds a unique ecosystem of third-party tools and vulnerable access points, so it’s not far-fetched for cybercriminals to gain access to all accounts with a single compromised password. Although multi-factor authentication (MFA) can mitigate some risks, even some MFA methods are not phish resistant.
- Enterprise-wide single sign-on (SSO): SSO is an authentication method that allows users to log into multiple enterprise applications using one set of enterprise-managed credentials. Users will typically see this type of security at an enterprise level when adopting a supply chain visibility platform. For companies, SSO offers the advantage of unified login for all connected applications, mandatory use of various MFA methods and the ability to quickly disable employee access to all connected systems in the event of a breach or employee departure. This centralized control ensures that access to sensitive information is managed appropriately, enhancing overall security.
- Passwordless sign-in: Another emerging solution is passwordless sign-in, which leverages device verification codes. This method sends a unique code to an employee’s mobile phone, eliminating the need for a password. Employees only need to enter their username or email address and then verify the on-screen code (which expires after a short period) with their mobile device. This reduces the risk of password-related breaches, as there is no static password for cybercriminals to steal and reuse. This method of MFA is also considered phishing resistant because the MFA code is typed into the mobile device, not the site the user is logging into.
- Device binding: This method works by binding corporate-issued devices to the corporate identity management system making company resources only accessible with these bound devices. Combining this with SSO and MFA essentially makes an account phishing resistant because even if the user credentials are compromised, the cybercriminal lacks the device necessary to complete the login verification, making user credentials effectively useless to cybercriminals.
Protecting valuable assets
As cargo theft becomes increasingly sophisticated, companies must adapt by implementing advanced security measures and fostering a culture of vigilance. Training employees to recognize phishing attempts and employing robust authentication methods like advanced MFA, passwordless sign-in, SSO or device binding are crucial steps in safeguarding the global supply chain. By addressing the weakest links and reinforcing security protocols, organizations can better protect their valuable assets and revenue from being stolen.