The ransomware attack on Forward Air (NASDAQ: FWRD) in December served as an unusually visible reminder of what hackers can do to a trucking and logistics company. They can disrupt the movement of freight, undermine the confidence of customers and cost companies a lot of money.
As CEO Tom Schmitt told FreightWaves’ John Kingston recently, the company had been preparing for a catastrophic ransomware attack. Weeks earlier, the firm had staged “comprehensive roleplay” for such an event. Additionally, Schmitt noted, “We hack ourselves all the time” to find and fix vulnerabilities.
Still, Forward got hit.
Was it a testament to the sophistication of the hackers? Or a reflection of the inadequacies of the company’s own cybersecurity? While we know few details about what happened, broadly speaking these attacks succeed through a combination of both. A commonly cited figure from Gartner Research is that 90% of ransomware attacks are preventable. And if an attack happens — preventable or not — companies have a lot of control about how bad it can get and the time it takes to recover. But it requires effort, money and the right people.
A cybersecurity expert I talk to frequently, Emsisoft’s Brett Callow, put it this way: “If someone manages to break in Fort Knox, they probably aren’t going to be able to rob the whole place.” Likewise, if someone opens a malware-laced email attachment, it shouldn’t bring a company to its knees. But it happens far too often.
With that in mind, FreightWaves has launched a dedicated space on its website for cybersecurity. We are beefing up our news coverage and will soon launch a weekly newsletter. A virtual live event, the Cybersecurity Summit, comes in June. It’s all in the name of bringing transparency and understanding so that transportation and logistics companies as well as shippers can better protect themselves. While ransomware attacks are the No. 1 threat now, expect in-depth coverage about an array of emerging issues. The security of autonomous vehicles is a big one.
A matter of national security
This isn’t just about preserving profits; it’s also a matter of national security. Fighting the COVID-19 pandemic requires supply chains that are secure to move vaccines and other medical supplies, plus the goods that keep a fragile economy moving.
The cyberattacks against transportation and logistics firms are alarming, particularly since they come amid revelations about U.S. government systems being breached through the compromising of a widely used network tool produced by the company SolarWinds. The U.S. has blamed Russia.
While the ransomware gangs that target companies on a regular basis are doing it to make money, some also have links to states including Russia, Iran and China.
Forward shouldn’t be blamed for the actions of criminals. Nor should the numerous other peers who got targeted in 2020 — CMA CGM, TFI International, Daske and Cardinal Logistics to name a few. All too often these crimes happen quietly as companies understandably seek to avoid the embarrassment and sometimes legal liability. Ironically, these attacks often only get reported after a company refuses to pay the hackers’ ransom demands — leading to data getting posted to the dark web.
Why it’s time to open up about cyberattacks
These attacks don’t occur in a vacuum. Ransomware attacks, particularly those involving data theft, can cause harm beyond the companies victimized or their employees. They frequently expose sensitive data about customers or partners. And a single incident can become a vector for other attacks.
Likewise, a hack of a customer or supplier can have consequences for a transportation and logistics provider. Case in point: the recent leak of employee medical records of UPS truckers and Norfolk Southern rail workers after an apparent ransomware attack and data breach at a Virginia occupational health provider.
I’ve talked to a lot of transportation and logistics professionals about cybersecurity in the past month since the Forward Air attack. These included executives, freight brokers and truck drivers. If there’s one common thread, it’s their resignation to getting hacked.
But serious cyberattacks don’t have to happen to everyone, and they don’t need to bring the kind of disruption experienced by Forward. Or result in the damaging data breaches that expose sensitive company information or that of their most valuable assets, their people.
A key starting point: open discussion and transparency. The more companies that are willing to talk about cyberattacks — as Schmitt did — the safer and smarter the industry will get.
Click for more FreightWaves articles by Nate Tabak
Hackers leak trucker, rail worker medical record
Ransomware attack hits short line rail operator OmniTRAX
5 defining cyberattacks on trucking and logistics in 2020