News of supply chain cyber attacks isn’t hard to find. A quick google search reveals several ransomware attacks on major supply chain players in 2020. Most recently Daniel B. Hastings, a Texas based freight forwarder, was the target of a cyber attack. The hackers posted files claiming to have hacked the freight forwarder and demanding a ransom before leaking sensitive information.
Freightwaves, who broke the story, notes the authenticity of the files leaked by Conti which include completed U.S. Customs documentation for shipments to several countries, across multiple modes. Specializing in cross-border shipments from the U.S. to Mexico, Hastings’ operations span 5 locations in Texas. Their partners include Casas International and Pacific Brokerage, all members of the CPH Group.
Ransomware attacks function 50% like Harry and Marv in Home Alone and 50% like the bad guys in Taken, but with technological sophistication. The hackers exploit security vulnerabilities, such as on premise servers, in a company’s technology infrastructure in order to steal sensitive information. They then leak some of the information, proving their hacking prowess and cementing the threat, requesting money in exchange for the safe return of the company’s technology and information. In the case of Hastings, there was no Kevin McCallister or Liam Neeson to thwart the attackers and retrieve the stolen stuff.
This kind of hacking does damage by compromising valuable information - the stuff you expect large companies to keep safe for you - and ruining a company’s reputation. There are even ransomware insurance firms that handle these attacks with discretion. The goal is to mitigate damages to a brand’s reputation by keeping the negotiations quiet. But these kinds of firms can also help ransomware groups flourish by paying them off instead of holding them accountable.
Ransomware attacks on supply chain companies aren't isolated to forwarders like Hastings. Conti’s shenanigans range from leaking personal information for many of Daseke’s drivers to the dark web and hacking U.S. Criminal Courts. This, following an attack on Canadian trucking group Manitoulin Transportation in September, should cause us all to take a moment and consider the security of the technology that supports our supply chains.
In the fight against supply chain cyber attacks there are a few things you can do to keep your company’s information and reputation safe. Cloud architecture is your supply chain’s Liam Neesson and two-factor authentication is its Kevin McCallister. Moving from an antiquated on-premise server to a truly cloud architected TMS will not only enhance your security, it’ll provide the speed and agility you need to accommodate a rapidly changing shipping environment. Using a transportation management system with unlimited users and two-factor authentication ensures security at the point of access so that attackers can’t even get in. Cyber security vulnerabilities can absolutely sink a company. Now is the perfect time to take a hard look at your shipping and logistics technology and transform the way you ship.