Two transportation organisations have suffered cyberattacks in the past few weeks. ORBCOMM, a trucking and fleet management solutions provider confirmed that a ransomware attack is behind recent service outages. The second incident impacted The Auckland Transport (AT) transportation authority in New Zealand.
Both organisations are dealing with a widespread outage caused by their respective cyber incidents.
ORBCOMM provides dozens of trucking companies with electronic logging device (ELD) systems, which are mandated by the U.S. Department of Transportation to track how long drivers spend behind the wheel. AT is the government-owned regional transportation authority in the Auckland region, responsible for public transport through ferries, busses, and trains.
Looking into the issues is Nick Tausek, Lead Security Automation Architect at Swimlane. Tausek tells Digital Journal why the delivery industry is under particular risk from nefarious parties.
There are solutions to some of the issues affected, and these are also considered. For instance, security automation has the potential to identify incoming threats, triage and prioritize alerts as they emerge, and perform automated incident response.
Tausek notes: “The trucking and delivery industry is a prime target for threat actors as it provides an opportunity to create massive disruptions to employees, customers and the overall supply chain.”
With the specific industries, Tausek observes: “Two major transportation providers revealed they were targeted by threat actors: the Auckland Transport Authority, which is responsible for the city’s transport and state highways, and ORBCOMM, which provides satellite connectivity to freight companies.”
There is a similar impact: “Both of these organizations are currently suffering delays in shipments and customers are reporting that they are no longer able to track inventory handled by the companies due to a cyberattack.”
This leads to measures that the companies need to take: “To avoid economic disruption and mitigate potential supply chain issues, critical infrastructure sectors must make sure that best cybersecurity practices remain top-of-mind.”
Such measures include “implementing multi-faceted cybersecurity systems that automate detection, response and investigation protocols and allow for complete visibility into IT ecosystems with the ability to comprehend and thwart malicious threats in real time, before cybercriminals are able to take over.”
Cybersecurity automation allows for rapid detection and response to potential threats, reducing the time it takes to mitigate them.
Furthermore, says Tausek: “By automating and centralizing security processes using low-code automation, IT teams are granted full monitoring capabilities, ultimately ensuring that critical day-to-day processes remain undisturbed.”