Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Cyber resilience is more than security

Issue 4 2022 Industrial (Industry), Information Security, Infrastructure

By Kate Mollett, regional director at Commvault Africa.


Kate Mollett.

The shipping and logistics industry is increasingly a target of cybercrime and ransomware attacks, a trend that has accelerated in recent years. The reason for this is simple, these companies store and process a wealth of personal information that is immensely valuable, so a successful attack can be a highly profitable exercise.

However, the damage these attacks cause financially and reputationally can be catastrophic. Companies need to implement leading-edge ransomware recovery and ransomware protection to enable them to protect and recover data quickly, minimising damages and loss.

An industry under siege

There are many examples of cyberattacks and data breaches across the shipping and logistics sector, from companies of all sizes. There were also several high-profile data breaches in 2020 and 2021, which have shone a spotlight on this industry under siege. In April 2020, Mediterranean Shipping Company was the victim of a malware attack that caused an outage to the company’s website and customer portal. In June, global conglomerate Maersk reported a cyberattack that caused in excess of $300 million in losses. CMA CGM was attacked in September, with a breach that impacted its peripheral servers.

This trend accelerated into 2021. In September, CMA CGM was hit again, this time with an attack targeting customer information. In November, shipping giant Swire Pacific Offshore (SPO) fell victim to a cyberattack that caused a significant data breach that resulted in the loss of confidential proprietary commercial information and personal data.

In December, US logistics company D.W. Morgan exposed over 100 GB of sensitive data on clients and shipments, including financial, transportation, shipping and personal details. Also in December, Hellman Worldwide Logistics was targeted by RansomEXX ransomware, and more than 70 GB of stolen data, including customer names, user IDs, email addresses and passwords, was leaked.

Size doesn’t matter

While the examples above are of large multinational shipping and logistics conglomerates, cyber threats affect providers of all sizes across the supply chain. A case in point is a malware attack on a third-party supplier for Canada Post in May 2021, which resulted in a data breach impacting 950 000 parcel recipients. Another example is a ransomware attack on a small trucking company in the US, which could potentially have taken down the entire business.

The reality is that cybercrime does not discriminate based on size, and all organisations throughout the supply chain need to take the relevant steps to protect data and ensure the ability to recover from an attack. While digital transformation can improve efficiency in the logistics sector, it can also introduce vulnerabilities if data security is not prioritised.

A multi-layered approach

Data security is a vital tool to protect against ransomware, and it needs to take the form of a multi-layered defence to guard on multiple levels, build on a zero-trust framework for advanced security, that should be flexible and scalable to meet digital transformation goals.

The first step is to identify, assess and mitigate risk exposure, including implementing tools like multi-factor authentication and dual authorisation. Data then needs to be locked and hardened, using air gapping and immutable copies of data to reduce the attack surface and better safeguard it. Clean backup copies help to minimise risk as well as the downtime associated with a data breach. Active and advanced threat and anomaly monitoring provide early warning alerts of suspicious and malicious activities.

Finally, consistent recovery processes need to be put into place across all data and workloads to restore wherever the data is needed. Solutions should also actively work to avoid ransomware file reinfections by deleting suspicious or unnecessary files from backups, isolating suspect backup copies, and enabling restoration to a safe location.

With the increasing number of attacks on the shipping and logistics sector, protecting data is essential. What is arguably more important, however, is the ability to recover quickly in the event of an attack. Extended downtime and continued exposure can end up costing millions, and the reputational damage can be severe, not to mention the regulatory penalties associated with leaked personal information. Having an effective recovery strategy and the right tools in place is critical to protecting organisations in this vulnerable industry.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...
Security and privacy: Is one without the other possible?
IoT & Automation Industrial (Industry)
OEMs have a duty to protect privacy as much as security. If security protection is about keeping people out of an embedded device, privacy protection safeguards the data inside the device.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
How intrusion protection helps secure O&G operations
Surveillance Perimeter Security, Alarms & Intruder Detection Industrial (Industry)
For O&G operators in Africa, physical security remains one of the biggest considerations, particularly when it comes to perimeter protection and the ability to mitigate intruder-related incidents.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.