Rise of the cyber attack: SC&RA comment November 2019
27 November 2019
Cyber attacks have become one of the top risks facing companies and industries around the world. Trucking and logistics companies are no exception. Transportation now lands at number five on the list of industries with the most cyber attacks, according to Forbes.
Despite the increasing sophistication of these attacks, it’s still tempting to dismiss the threat – a mistake that could cost a company severely, no matter the size.
In particular and, perhaps counter to popular belief, smaller transportation companies tend to be more regular targets for ransomware attacks – primarily because they lack the sophisticated protections of larger companies. As a result, they could be more likely to pay hackers who disable their computer systems.
That said, larger companies certainly aren’t off the hook; though they might have more significant protections in place, they can also represent bigger paydays for hackers, and thus remain targets that are essentially worth the risk. Numerous SC&RA companies, in the USA and beyond, have had to deal with cyber attacks, and the war stories can be harrowing.
Consider the alternative
Usually, when an attacker or hacker enters a company’s network, they are checking financials first to see how much they can charge for what amounts to ransom. Often times, if the numbers look good, they’ll plant “ransomware,” a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing e-mails or by (the user) unknowingly visiting an infected website.
The ransom is often arrived at through a certain level of finesse. Hackers will literally look at your financials and decide how much to charge you – i.e., what you can afford as a company. They know if they ask for too much, you likely won’t pay. They want to land within a sweet spot of sorts, because this is ultimately a business model for them. The worst part? Once cyber attackers find a vulnerability, it’s a safe bet that they’ll probably come back for more.
This type of criminal is actually often a criminal enterprise, made up of multiple hackers operating a proficient underground business.
All the more reason to take your tech systems as seriously as any other component of your business. Your data is, essentially, sacred. One of your greatest priorities in the digital age should be protecting that data, which usually isn’t just your data, but the data of your customers and even other carriers.
Though it might sound like a stiff challenge, responsible companies understand and accept that cyber security is a task that is never complete. Companies can, however, significantly lower their risk through investment and employee training.
Obviously, you’ll never be hack-proof, but you can be prepared as well as secured in a way that doesn’t scream “soft target.”
Transportation (and certainly crane & rigging) companies should conduct at least one full computer system assessment per year, but bi-yearly wouldn’t hurt. This includes penetration and risk management tests that gauge the likelihood of an attack. Such tests can reveal opportunities to apply software patches in areas of need, but also create incident response plans, which can be critical when it matters most.
It is important to remember that a successful cyber attack doesn’t happen overnight; hackers are typically planning and researching for more than a year – all the while, you don’t have a clue.
Overall, responsible companies protect the personal information of their employees and customers first. They also educate their entire workforce about threats, phishing scams and even accounts payable information. If that feels like a hassle, then consider the alternative. Cyber security is definitely a party you don’t want to be late to.