A former Prime Inc. dispatcher recently pled guilty to embezzling $300,000 from truckers’ expense accounts after stealing their personal identity data. Known as an “insider attack” in the cybersecurity sector, hard-working truck drivers may be at greater risk than they realize.
Corey Hendrickson, the former mayor of Willard, Missouri and Prime dispatcher, recently entered a plea to charges he committed wire fraud and aggravated identity theft in federal court. Although the politician awaits sentencing, he also resigned from the Willard Board of Aldermen following his court appearance.
According to reports, Hendrickson took full advantage of his dispatching job to pilfer off personal identity information for upwards of 500 truck drivers, including Social Security numbers. Operating from the inside, the upstart hacker admitted to running a 5-year scheme that dipped into driver fuel accounts. Completing 1,078 fraudulent transactions, Hendrickson enriched himself by $298,738 through this insider attack.
What is an Insider Attack?
The Cybersecurity and Infrastructure Security Agency considers an inside attack the misuse of data by a legitimate network user. Insider threats typically have access to critical digital assets, including Social Security numbers, birth dates, addresses, and financial information. In the Prime embezzlement case, the dispatcher could freely log into Prime’s system, using his position to leverage truck driver data and rob their accounts. Because Hendrickson enjoyed unfettered access to trucker information and siphoned off funds in relatively small increments over five years, he was able to hide his crimes in plain sight.
How to Protect Against an Insider Attack
The ability of hackers to pull off insider attacks is a reason for pause. Their position and approved network access tend to indicate a level of trust that proves unwarranted. Freight carriers, owner-operators, and hourly-wage truck drivers would be well-served to consider implementing cybersecurity protections.
Freight Carriers Can Implement Zero Trust Protocols
Companies can place standard restrictions on every user’s account to ensure the individual cannot access employee information. This strategy allows legitimate users to access the programs and data they require to do their job, nothing more.
Truckers Can Use Two-Factor Authentication
One of the simplest and most effective ways to keep unauthorized personnel out of accounts, this security strategy sends a code to a secondary device during a login attempt, usually by text or email. A hacker cannot breach things like expense accounts without the code.
The once-trusted dispatcher now faces up to 20 years in prison, and the insider attack is a wake-up call for freight carriers and truckers.
https://www.cisa.gov/topics/physical-security/insider-threat-mitigation/defining-insider-threats
Leave a Comment