How to Protect Logistics and Transportation Organizations from Ransomware Attacks

Ransomware is a computer virus that takes over the target device, restricts the owner’s access, and demands the victim to pay a ransom to get their device back. Modern ransomware can steal files, target locally-stored backups, spread through the network, and even bring large organizations to a standstill.

The device can get infected through a malicious email, a spoofed website, or in many other ways. Then, the attackers may scan the device for something valuable or, if pressed for time, start encrypting everything at once. After encrypting the data, the ransomware will display a ransomware note with detailed instructions on how to create a cryptocurrency wallet and send Bitcoin to the attackers’ address.

In Canada, two of the most recent high profile ransomware attacks have been to the Toronto Transit Commission (the largest public transportation network in Canada’s largest city) that knocked down some of its communications system and a provincewide disruption of health-care services in Newfoundland and Labrador that affected thousands of appointments and procedures, including those involving COVID-19 testing. The annual Canadian Internet Registration Authority (CIRA) Cybersecurity Survey says nearly 70 per cent of Canadian organizations facing a ransomware attack last year paid the demands to avoid downtime, reputational damage, and other costs.

In 2021, ransomware has increased to thousands of attacks per day and is predicted to cost businesses over $20 billion. Many successful attacks may be left undisclosed.

Logistics and transportation was ranked the seventh most likely to be hit by a ransomware attack, among 35 identified industries, according to a new study from Nordlocker (nordlocker.com). The study was based on an analysis of 1,200 companies hit by cyber extortion between 2020 and 2021.

The 59 transportation and logistics companies affected range from industry leaders, such as one of the biggest European shipping companies with a fleet of 230 ships, to small enterprises, such as a household moving company in Montana, US. The findings raise the question:

Why do cyber criminals prioritize the logistics and transportation industry?

The Nordlocker report suggests that “the logistics and transportation business could be enticing to cyber racketeers because of the core position this industry occupies on the world stage. ‘The interconnected nature of logistics to businesses all over means that, in the event of a ransomware attack, not only does the company’s reputation get questioned but also numerous supply chains get disrupted, exerting mounting pressure to pay the demanded ransom,’ says Oliver Noble, a cybersecurity expert at Nordlocker, an encrypted cloud service provider. In addition, the industry’s relatively traditional business model, which is in large part yet to include up-to-date cybersecurity solutions, could incentivize hackers towards certain companies.”

How can a company protect itself from a Ransomware attack?

Here are some tips from Chris Thomas, Vice President, Industrial at Darktrace (darktrace.com).

• Gain complete visibility into your entire digital infrastructure. From IoT devices to on-prem servers, for a successful security strategy, you need to understand how your technology is communicating, as well as where and why.

• Organization-wide mandatory security training. All employees need basic security hygiene and to employ precautionary protocols like implementing multi-factor authentication and using VPNs.

• Implement security tools. Security technologies like autonomous detection and response and segmentation that can identify and contain cyber-threats can give security teams time to remediate the attack before it can spread laterally throughout the business and cause significant disruption and financial damage.

• Identify vulnerabilities. Whether through red-teaming or not, organizations need to identify their vulnerable areas and patch them as soon as possible to remediate those risks. Organizations should be consistently updating their software and hardware when possible, but continuously monitoring devices will ensure unpatched or unknown vulnerabilities are covered, too.

• Regularly back up and encrypt data. This process will protect your data in the worst-case scenario that your organization’s data was stolen or held for ransom.

Oliver Noble offered some easy-to-implement cybersecurity tactics to serve your business as defense:

● Make sure your employees use strong and unique passwords to connect to your systems. Better yet, implement multi-factor authentication.

● Secure your email by training your staff to identify signs of phishing, especially when an email contains attachments and links.

● Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.

Mr. Noble added that even though big companies have a higher probability to offer hackers larger ransoms, small companies are not safe either. “Small enterprises usually do not have the same cybersecurity checks in place as larger businesses, making them an easier target for ransomware attacks. That being said, major companies are still the preferred targets, as their deeper pockets and higher stakes make them more likely to pay up,” the expert noted.

NordLocker states that it is the world’s first end-to-end file encryption tool with a private cloud. It was created by the cybersecurity experts behind NordVPN – one of the most advanced VPN service providers in the world. NordLocker is available for Windows and macOS.

Darktrace’s mission is to empower organizations to stop the disruption that cyber-threats can cause, across digital infrastructures everywhere. Darktrace AI enables organizations of all industry sectors to build up resilience against novel attacks, by autonomously learning their ‘digital DNA’. Darktrace’s Self-Learning AI defends people, data and infrastructure from whatever is around the corner.

To stay up to date on Best Practices in Freight Management, follow me on Twitter @DanGoodwill and join the Freight Management Best Practices group on LinkedIn.