Back to News

07/03/2022


Top Cyber Security Threats The Haulage Sector Needs To Know

Like many of today’s industries, haulage businesses are reliant on IT and the internet. A cyber-attack or inadequate information control can therefore lead to business interruption and significant financial and reputational loss.

To ensure you are aware of the current risks and have plans in place to protect yourself from them, here is a summary of what your haulage company should look out for.

Direct network attacks

A firm’s information systems can be directly attacked by cyber criminals through hacking, malware or ransomware.

If your systems or information are corrupted, altered or made inaccessible, your business won’t be able to function. Direct network attacks could result in loads exceeding weight limits, goods being transported to the wrong place or time-sensitive goods not making it to their destination on schedule.

This can result in your company being held financially responsible for spoilage, lost systems, property damage and more, depending on the contract conditions you entered into.

And remember, if you are part of a palletised or goods-carrying network, there may be further ramifications. The disruption caused may have a negative impact on your reputation and relationships going forward.

Social engineering

Cyber criminals do not necessarily have to hack into your systems to steal your money and information.

Social engineering attacks are now very common – and sophisticated. They usually involve a phishing email, which is made to look as though it comes from a company’s CEO or other high-ranking manager. In this email, the cyber criminal may order an urgent transfer of funds, which will go to their account. Similar attacks can also be carried out over the phone and by text message.

The criminal can easily gain knowledge about the names, identities and working habits of senior employees by searching social media, such as LinkedIn accounts. This gives their phishing attacks an air of legitimacy, which is what makes social engineering attacks so dangerous for businesses.

Failure of external networks and providers

Your business’s ability to function is not just dependent on the protection of its own networks. 

Connected systems are only as secure as the weakest link. As a haulage company, it is likely that your clients and suppliers have their own networks to run their businesses. If one of these is infiltrated or goes down, the supply chain can be threatened and you may find that you cannot receive or fulfil orders. 

This can lead to business interruption and losses that are not covered by a Property Insurance policy.

Similarly, if you outsource your IT to another business, you need to remember that you will still be held accountable for their mistakes by regulators and customers.

Inadequate protection of personally identifiable information

As a transportation and logistics firm, it is very likely that you hold personally identifiable information on both your employees and clients, as well as financial details.

Whether you keep these records on paper, on a server or on the cloud, they need to be protected from corruption, amendment or theft. This is a legal responsibility outlined in the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).

Failing to do so can lead to expensive fines or prosecution. According to the law firm Reynolds Porter Chamberlain, which has been tracking fines from the UK’s Information Commissioner’s Office (ICO) since 2016, the average amount of money taken from those penalised for violating the integrity and confidentiality of personal information has tripled from £73,645 to £216,200. Most of the increase has resulted from implementation of the GDPR.

Non-compliance with the EU NIS Directive

In addition to GDPR, all but the smallest UK transportation firms are subject to the EU NIS Directive (enacted in UK law as The Network and Information Systems Regulations 2018). 

This was the first piece of EU-wide cyber security legislation aimed at achieving a high common level of network and information system security across the EU’s critical infrastructure. Transportation firms are considered Operators of Essential Services, and if found to be non-compliant they may be fined up to £17 million.

Use of mobile devices

It is normal for many employees to use their own mobile phones or devices in the workplace. For instance, your workers may use them to track locations, navigate, coordinate drop-offs and pick-ups, or submit invoices.

But the security of these devices may not be sufficient, opening your business up to network breaches and downtime.

Employee error

Hackers will deliberately enter a computer network to encrypt data and make extortion demands. But authorised employees can also make mistakes or act maliciously to destroy or corrupt your data. 

How to protect your haulage business from cyber threats

Threats targeting the transportation and logistics sector can come from:

  • criminals
  • terrorists
  • hacktivists
  • disgruntled or former employees
  • nation states
  • competitors
  • network errors

However, a dedicated Cyber Insurance policy can help to mitigate many of these threats, which are not necessarily covered by other forms of insurance, such as Property Insurance, General Liability or Commercial Insurance. Give me a call on 01603 218228 today if you’d like to discuss the cyber risks faced by your business.

Related Articles