Freight theft is by no means a new issue facing drivers and carriers. Savvy and safety-conscious drivers have been able to mitigate their risk just by following standard best practices; parking in well-lit areas and a good strong lock have kept more than a few crimes of opportunity at bay. While there may still be random cargo thefts where a thief takes a rig, empties its contents and abandons the truck, some criminals are getting more high-tech.
Jarad Carleton, the principal consultant for information and communication technology practice at Frost & Sullivan is warning that cargo thieves have taken to hacking in to a fleet’s electronic network to gather information on what the most valuable cargo is, where it’s headed, and most importantly where it’s being picked up.
Thieves can use this information to perform false pickups where they pose as the driver who is actually supposed to be picking up the freight, accept the load, and then just drive off with it. By the time the real driver shows up, it’s too late and the thief and cargo are long gone.
“The ability to know where a specific shipment is – especially for high value goods like electronics – makes it easier to steal and more profitable to steal than randomly taking a tractor-trailer on the street,” Carleton noted in an interview with Fleetowner.
Large carriers generally have more secure online systems to prevent just such an attack, so these high-tech cargo thieves tend to target smaller less security-minded carriers.
Even once a thief is at the pick-up location, even if he knows everything about the cargo including where and when it’s being shipped, it can be difficult to fool the shipper. One thing that helps thieves pull off the scheme is if the shipper and carrier have a healthy relationship. If a carrier has hauled hundreds of loads for a shipper in the past, the shipper is more likely to forgive some misplaced paperwork than if this is the first load a carrier has hauled for them. Ironically, it’s the trust that’s been built up that makes things so much easier for the thief.
A report published by RSA titled Taking Charge of Security in a Hyperconnected World listed several common problems that contribute to cyber security breaches.
- Neglecting “security hygiene”– In forensic evaluations following security attacks, missed software updates frequently surface as exploited vulnerabilities.
- Relying exclusively on traditional threat prevention and detection tools– Most security teams still wait for signature-based detection tools to identify problems rather than looking for more subtle indicators of compromise on their own, even though traditional firewalls, antivirus scanners and intrusion detection systems (IDS) cannot discover the truly serious problems.
- Mistaking compliance for good security– Most compliance mandates reflect best practices that should be interpreted as minimum standards, not sufficient levels, of security.
- Inadequate user training– Many companies don’t invest enough time and resources in user training, even though users today are the first line of defense against many cyberattacks.
Next Story: Lowest OOS Rate Ever Still Needs Improvement
Image Source: northbridge