Cyber Threats to Trucking and Logistics: Cargo Theft Evolution

The Evolving Landscape of Cargo Theft

• 🚚 Cybercriminals are increasingly targeting the trucking and logistics industry to facilitate cargo theft, a modern evolution of traditional organized crime.
• 💡 This new approach often involves compromising load boards or carrier accounts using Remote Monitoring and Management (RMM) software to bid on and divert real cargo.
• 📈 Cargo theft is a significant issue, with annual losses estimated at $35 billion in the US alone, encompassing both traditional and cyber-enabled methods.

Cybercriminal Tactics and Tools

• 💻 RMM tools, legitimate enterprise software, are being weaponized by threat actors to gain unauthorized access and control over carrier accounts.
• 📧 Attackers may post fake loads, respond to legitimate carriers with malicious links, and then hijack accounts to book and reroute shipments.
• 🕵️ Research indicates overlap with threat actors previously involved in ransomware and other financial cybercrimes, suggesting a pivot towards more tangible asset theft.

The Double Brokering Scheme

• 🔄 Double brokering is a common tactic where a criminal acts as an intermediary, selling a load to another party for a profit without ever intending to fulfill the service.
• 🤝 Drivers may unknowingly participate, picking up and delivering cargo to criminal-controlled warehouses, believing it to be a legitimate booking.
• 🌐 This sophisticated approach allows criminals to profit from stolen goods, which can then be resold, effectively laundering money.

Request for Quote (RFQ) Scams

• 📄 A distinct threat involves RFQ scams, where threat actors impersonate entities to request financing for goods, ultimately leading to physical theft.
• 📦 Stolen identities and fraudulent financing terms are used to trick businesses into shipping goods, which are then diverted to mule houses or overseas.
• 🔗 These RFQ scams share tactics with Business Email Compromise (BEC) attacks and are often associated with West African criminal groups.

Prevention and Mitigation Strategies

• 🔒 Organizations should limit RMM software installations, enforce MFA on remote connections, and monitor new RMM installs.
• 📞 Verify load postings through callbacks to trusted brokers or by using alternative contact methods, similar to BEC prevention.
• 🎓 Train frontline staff on these evolving schemes and consider tabletop exercises between cyber and logistics teams to improve preparedness.

Broader Impact and Consumer Risk

• 🌍 The impact of cargo theft extends beyond the targeted organizations, as losses can lead to increased costs for consumers.
• ⚠️ Consumers should be mindful that disruptions in the supply chain can affect the price and availability of goods, from food and beverages to electronics.
• 💡 Validating communications and trusting your instincts when something feels off are crucial steps in preventing these types of cyber-enabled theft.