THE Federal
Bureau of Investigation (FBI)
says that ransomware
actors are actively targeting the transportation, healthcare and industrial
industries.
Experts fear such ransomware
attacks could cripple the US' transportation infrastructure if companies don't
protect their data and demand more stringent security compliance.
A report from Malwarebytes showed that in the first quarter of 2019,
ransomware attacks took off by 195 per cent. The report further noted that
hackers are targeting small- to medium-size businesses, which in the
transportation sector means smaller carriers and owner-operators, reported New York's FreightWaves.
"Owner-operators and big
logistics firms alike are facing the same broad set of risks," said PowerFleet for Logistics
general manager Norm Thomas. "They
are all integrated into freight brokerage systems and other platforms that have
sensitive data on freight and assets that make them a target."
Ransomware
is a type of malware - software designed to damage a computer network. Ransomware's characteristic weapon is encrypting
files on a server to the point that they become unusable. In the transportation sector,
hackers can shut down a fleet's transportation management system (TMS), divert
cargo from its destination or compromise trade secrets.
If targeted companies don't pay
what the hackers demand, the hackers can delete a compromised programme and
lock a firm out of its own data. What's at stake? A company's bottom line and
ability to keep a secure network with larger carriers, third-party logistics
(3PL) providers and shippers.
"Regardless of the technique
that perpetrators use to attack their victims, their goal is extortion. And
extortion, including cyber-enabled extortion, can cripple a victim business and
wreck personal lives," said Subsentio chief technology officer Marcus
Thomas, who is a former assistant director of the FBI's
Operational Technology Division.
"The key to ransomware defense is prevention and preparation."
It's not the cargo the hackers
are after: It's having data that tells when and where the cargo is traveling
and could be useful in criminal acts like corporate espionage. Since the ELD
mandate took effect in December 2019, all commercial trucks on the road log
hours worked and distances travelled electronically, but not all ELDs have the
same security standards, such as encryption.
Owner-operators with vulnerable
ELDs could be the target of ransomware hackers who want private and sensitive
data. While a large number of owner-operators and legacy trucking companies
have invested in newer technologies, they don't always prioritize an investment
in security.
Experts believe that ransomware
events occur far more frequently than reported, but because admitting attacks
could invite additional ones, companies keep quiet. Several recent attacks,
however, have made their way into headlines.
In December 2019, the middle of
peak retail season, Truckstop.com suffered a ransomware attack that prevented its
200,000 active users from using the load board, as well as payment and online
carrier safety services for seven days.
While security measures require
companies to invest in software solutions like firewalls, antivirus and the
cloud, Mr Kraus says they are only as good as the people who manage them.
There's not a one-size-fits-all solution.
"These solutions aren't
going to stop Jane in human resources from clicking on a phishing email,"
said Mr Kraus. "For small companies, cloud may be the solution for you,
but if you're a midsized to large trucking firm, you may want a hybrid cloud
solution where you're running your websites in the cloud, but keeping your
databases local so you can keep control of those."
Source : HKSG.
Tidak ada komentar:
Posting Komentar