Companies should remain paranoid about IT security

In the second half of last year, companies in the transport and logistics sector continued to be regular victims of cyberattacks. It shows that IT infrastructures remain vulnerable, and companies need to be prepared for attacks, especially against the backdrop of the war in Ukraine.

For the period from July to December 2021, analysts at KonBriefing Research recorded 27 successful cyberattacks on the industry worldwide. Among others, freight forwarders, public transport companies, railroads, airports, shipping companies and port operators were affected.

In most cases, it was probably ransomware: Criminal gangs penetrate the IT systems, steal the data, and eventually encrypt it, making the systems unusable for the affected organization. The criminals then demand a ransom for the possibility of decryption. If payment is not made, the stolen data is published on the darknet.

In addition to such economically motivated cyberattacks, there are other reasons. For example, it can be assumed that the attacks on Iranian railroads in July and on Iran’s fuel payment system in October had a political background.

The complex IT infrastructure of companies offers numerous starting points for attacks, and the figures for the second half of 2021 show that such attacks are ongoing and succeed repeatedly. Since many corporate processes today are based on functioning IT, a successful attack can have a significant impact on the victim’s business operations. Therefore, companies must continuously invest in the security of their IT to give attackers no chance, but also to cope well with realized attacks.

Protection includes a wide range of technical and organizational measures. In addition, it is important to raise the awareness of employees, because many attacks begin with phishing. Also mandatory: an emergency plan that describes the steps to keep key business processes up and running after a successful attack.

With the war in Ukraine, such protective measures have become even more important. Because cyberattacks have become an integral part of the confrontation between political systems. Transport companies are particularly attractive targets because of their high visibility. Bert Kondruss, managing director of KonBriefing: “Companies shouldn’t just be vigilant, they should be downright paranoid about IT security.”