CAI Transportation Blog

Cybersecurity in supply chains: Are your systems safe?


The collaborative nature of today’s supply chain makes its data more vulnerable than ever. Shippers have to share critical information with an average of 10 other parties before they can complete their routes. Low industry margins make paying for proper cyber protection difficult.

With the digitization of data and strong growth, the logistics industry is an attractive target for hackers. In fact, cyber attacks in logistics rose by 200% in 2017 and will continue to rise in the future.

Let's take a deeper look at why cyber security is a priority and what you can do to safeguard your supply chain.

The high cost of security breaches

Recent cyber attacks on shipping giants FedEx, Maersk, and COSCO have brought attention to the importance of cybersecurity within the transportation industry. In each case, ransomware viruses shut down electronic bookings and other crucial IT systems. Maersk has since claimed the attack was responsible for $300 million in lost revenue.

The costs associated with cybersecurity breaches are growing. IBM’s 2018 study puts the global average cost of a cyber attack at $3.86 million—an increase of 6.4% over 2017.

Why transportation and logistics?

Several factors make the transportation industry attractive to cyber criminals:

  • While retailers and financial institutions continue to be prime targets, cyber criminals have broadened their efforts into other data-heavy industries.
  • Logistics data has been increasingly digitized over the past few years. As more data moves into more online systems, often shared and integrated across entities, transportation becomes a bigger target.
  • With global trade on the rise, the transportation industry affects critical airport and shipping terminal networks.

Hackers often choose to attack where they can do the most harm. The complex nature of logistics can make it especially vulnerable to disruption.

Complex system—simple target

Supply chains are part of a complicated global system. Raw material providers, production facilities, retailers, and shippers work alongside each other and all share data online. This interconnected logistics industry is a tempting target for cyber attacks. The more links in a supply chain, the more important secure handling and storage of data becomes.

Shipping vessels are of particular concern. Research suggests that a ship’s navigational equipment is surprisingly easy to hack. The International Maritime Organization was slow to recognize ships as a functioning part of cyberspace, making them ill-equipped to handle online attacks.

Precautions your business can take

Reducing data exposure and improving security will help protect your operations. Use the following strategies to keep your information systems safe.

Protect internal systems

Ransomware is an especially crippling form of cyber attack. Ransomware is a malicious software that locks down access to valuable computer files. Hackers then demand payment in exchange for the files—with no guarantee you’ll get them back.

To help protect against malware, use basic cybersecurity precautions like installing firewalls and virus detection programs. These barriers deny malware access to your internal systems. And it’s a must to backup company databases and files on a regular basis.

Encryption in sensitive communication and use of SSL and SSH (secure socket layer and secure shell) are software approaches to data protection and should be employed wherever possible. Keep abreast of hardware security modules (HSM) as they may make their way into logistics and terminal operations, and can provide tamper-proof and robust encryption capabilities.

Train personnel

Cyber-risk management is as much about people and behavior as it is about systems. Educate personnel about the dangers of clicking on unknown links, URLs, and email attachments. It’s a good idea to restrict employee access to sensitive files, and to review permissions of all individuals, limiting them to their business needs.

Prevent and discourage employees from downloading unauthorized apps or software that can weaken your security walls. Consider segregating data within shared programs and business processes, where users have the information they need and that which is specific to their work.

The National Institute of Standards and Technology (NIST) has a detailed cyber attack framework you can use to familiarize yourself with current best practices. For more advice on creating a culture of awareness in the workplace, consider tips and resources provided by the National Cyber Security Alliance.

Team up with your supply chain partners

Many cyber threats stem from the suppliers and other partners who make up your network. Efficiency in logistics means accessing shared online platforms like freight exchange programs. As we seek increased efficiency, we must be aware of integrations and new vulnerabilities that can arise.

Some experts believe standardization may be the safest approach to managing threats in logistics. If everyone involved followed the same industry protocol for cybersecurity, supply chains would be better protected.

While you can’t manage the security protocols of others, you can give preference to organizations which undergo regular audits covering aspects of security, or those with third-party security certifications. Consider crafting contracts that require partners to follow basic security measures. This could include adhering to defined audit standards or making audit results available for access.

Plan to safeguard your systems

Guarding against cyber threats should be part of your company’s overall plan for risk mitigation. You can use cybersecurity insurance to help you recover from the costs of an attack.

It’s also important to take a critical look at who manages your data and to review your network and data footprint regularly.

The best 3PLs offer several advantages that will keep your data more secure. They have the resources to invest in security systems, practices and control activities, and have more experience with safeguarding data. 3PLs often have larger carrier networks, which means they have more options when filtering for companies with great security practices.

CAI Logistics has these characteristics and employs these strategies to protect your data from cybercriminals. Our expert global teams use their experience and knowledge to help customers avoid and overcome real-world problems.

Contact us for a free capacity consultation. See for yourself why CAI Logistics is your best choice for protecting company data, securing capacity, and lowering transportation costs.

Get a dry van quote today