Cybersecurity Risk Factors for Transportation

According to the World Economic Forum, by 2025, digitalization in logistics may unlock $1.5 trillion in value for logistics companies and $2.4 trillion in societal benefits.

The transportation and logistics industry's increased use of technology has helped modernize supply chain management for more transparency and cost-effectiveness. Because transportation and logistics companies use Edge and IoT to track the flow of their goods and store large amounts of data in the cloud, their digital footprint has grown, putting them on cybercriminals' radar.

The majority of IT investments in the logistics industry go toward business analytics, warehouse management, transportation management, and supply chain visibility. As a result, it's critical to assess the vulnerabilities that these systems face and install customized security technologies. A thorough risk assessment and audit of digital devices should involve an examination of the network, installed apps, and security standards for various operating systems. IT professionals can then classify the devices in the network depending on their risk and the sensitivity of the data they produce or store.

IoT endpoints that are physically deployed on assets (at various locations) connect to the internet using a variety of protocols. This arrangement jeopardizes data privacy and important transactions involving such data. To discover potential risks and breaches, logistics organizations should undertake thorough pen testing and vulnerability scans. For IoT linked devices, static and dynamic tests are recommended to establish a security standard. Dynamic testing captures and reveals code flaws as well as any underlying hardware flaws - this is crucial for understanding vulnerabilities that arise when new code is run on old processors.

A logistics organization should analyze the security of its network layer while assessing hazards holistically, assuring segmentation and zero trust. A logistics company's network should be divided into secure zones so that IoT devices and traditional IT equipment can be separated. The ability for operational technology (OT) solutions to perform seamlessly across all devices is one benefit of segmenting IoT endpoints. Even if a device is attacked, the damage will be confined to the section in which it is used. Network administrators can isolate such a zone and execute remediation measures without allowing other IT or OT devices to get affected.

Edge and IoT Cybersecurity Risk Factors

Supply chain disruptions

According to Supply chain resilience report 2021, the COVID-19 pandemic is considered the decade’s single most disruptive event for global supply chains. Now, removing the pandemic out of the equation, there was already a trend indicating that cyber attacks were rapidly increasing, being further accelerated by ransomware.

Circling back to the case of Maersk in 2017, we find that a single day of downtime can cost hundreds of thousands of dollars. Unfortunately, supply chain disruptions are more common than we’d like as found by a 2020 report that revealed 75% of companies had suffered supply chain disruptions due to cyber attacks in the last decade.

Additionally, McKinsey research estimates that businesses will, on average, suffer disruptions that can last up to one month every 3.7 years. Transportation, shipping, and logistics are vulnerable sectors as they are all targeted by nation-state groups as well as cybercriminals. Geopolitical tensions can spark attacks or shipping disruptions such as Brexit, the US-China trade dispute, or the recent Russian invasion of Ukraine.

Operational Technology (OT) attacks

Integrating traditional IT environments with OT systems, as well as growing numbers of connected endpoints via Edge and IoT, security risks increase exponentially for transportation and logistics consumers and businesses.

Cyber attacks are plaguing the transportation and logistics industry with a recent report finding that in 2020 the number of attacks on the industry soared by 400%. The same report also found that cyber attacks on the maritime industry’s operational technology systems have increased by 900% from 2017 to 2020.

Among those attacks, 50 were major OT attacks reported in 2017, which increased to 120 in 2018, more than 310 in 2019, and more than 500 by the end of 2020. As you see, OT hacks and security breaches are increasing alarmingly.

Most transportation and logistics attacks are due to lack of security awareness within all layers of the IT perimeter that now includes OT, smart products, endpoints, and services across supply chains.

Ransomware

Undoubtedly, ransomware is the largest cybersecurity threat facing transport and logistics companies. A recent report found that ransomware is the number one cyber threat to transportation and logistics companies, yet 90% of organizations studied in the report had open remote desktop or administration ports and insufficient email security, which are known as primary vulnerabilities to ransomware.

For example, in 2019, the Ryuk ransomware caused an outage that prevented clients from using Pitney Bowes services, which include global shipping, mailing, e-commerce, data, and financial services for more than 90% of Fortune 500 companies

In early February 2020, Toll Group, a shipping company, communicated it had stopped deliveries due to an infection of the Netwalker ransomware. The infection persisted for at least 18 days, leading researchers to find that the ransomware was spread via phishing and brute-force access to remote desktops with weak passwords. Later in May of the same year, the company faced another ransomware infection that led to data exfiltration and was most likely exposed because of remote desktops.

How to Use AI to Combat Cybersecurity Threats in Transportation and Logistics

Nowadays, digitalization plays an important role in all segments. Digitalized assets for logistics could be easily reflected as digital twins and big amount of sensors data could be

isolated with an Edge layer with data-processing on-board. Good example of such logistics cases could be big cargo ships with hundreds of sensors on-board, so ideally we should protect all the aspects of network data inside the ship, considering the fact that the IoT/OT equipment could be exposed to the personnel/passenger on ship or when it arrived at port.

Additionally if we’re talking with satellite-based gateways, exposure of the public IP could bring additional threats in the networking layer. These threats could lead to direct financial losses during ship communication and monitoring, which also could impact the safety of cargo and people on board. These concerns could result in direct financial losses during ship communication and monitoring, as well as compromising the cargo and crew's safety.

AI EdgeLabs can provide network intrusion detection and protection against threats that can appear on a shipping container’s Edge. AI EdgeLabs is a robust, enterprise-grade, and AI-based platform that brings advanced network visibility, early threat detection, and automated incident response and remediation vital for the transportation and logistics industry. Enriched with Deep Reinforcement Learning, our platform is smart and impressively accurate in detecting threats before they even have a chance to cause harm.