Freight scams go cyber

When it comes to the challenges facing the trucking industry, the standard litany goes something like this: driver turnover, diesel prices … and freight scams.

Freight scams have always been there, of course. Thieves will naturally flock to a sector that handles 80,000-pound loads of merchandise conveniently packed into 18-wheelers that are sometimes left alone in a freight yard for the weekend or parked overnight along a lonely stretch of highway.

But the problem is getting worse, experts say. That’s partly because of the rise of the internet, where thieves can use keystrokes—rather than brute force—to divert freight. It has also opened the door to hackers, who can exploit human error to gain access to sensitive information—information they can then use to cripple a company’s networks or hold its databases for ransom.

Another factor in the upsurge of cargo scams is the increasing technological sophistication of the trucking industry. A few years ago, freight brokers spent their days phoning or emailing contacts they found on loadboards to book truck space—a process that was slow, but secure. Today, nearly anyone can book trucking capacity instantly through a digital freight matching (DFM) platform or smartphone app. While that approach is faster and more efficient, it also leaves users more vulnerable to online scammers.

“The biggest threat to the trucking industry isn’t from roads traveled or soft markets, but from cyberspace,” Joe Ohr, chief operating officer for the National Motor Freight Traffic Association (NMFTA), said in a recent release. “With rapid tech adoption, vulnerabilities are growing,” he added, noting that today, one in four cybersecurity attacks target the transport and distribution industries. “It’s crucial for carriers, shippers, and 3PLs [third-party logistics service providers] to prioritize efficient and effective cybersecurity measures to mitigate these risks,” Ohr said.

According to the NMFTA, companies hit by recent cyberattacks include some of the biggest names in the business: Ward Transport & Logistics Corp., Bison Transport, Estes Express Lines, Forward Air Corp., Marten Transport, the Port of Los Angeles, and the Port of Seattle. The full list is almost certainly longer, but many victims do not disclose the breaches out of fear of damaging their reputations or inviting follow-on attempts.

BUILDING CYBERSHIELDS

With cyberattacks on the rise and billions of dollars at stake, the industry is fighting back.

For an example of that, you need look no further than the American Transportation Research Institute (ATRI), a nonprofit trucking industry research group. Noting that cargo theft is “a common and growing problem,” ATRI voted earlier this year to prioritize research on what it termed the “cargo theft crisis.” Theft has evolved from thieves simply stealing cargo to using sophisticated impersonation schemes, the group said, adding that FBI statistics indicate losses from cargo theft amount to $15 billion to $30 billion annually.

But collecting data for the study won’t be easy. Many industry stakeholders are hesitant to publicly provide cargo theft data, the group said. To encourage participation, ATRI designed its survey with confidentiality in mind—even offering to sign a confidentiality agreement if needed. The aim of the study, which was launched in August, is to determine the scope of the cargo theft problem and to identify successful counterstrategies used by both motor carriers and freight brokers.

“Cargo theft is a pervasive issue that won’t go away without a collaborative effort,” Ben Banks, an ATRI member and vice president of Nashville, Tennessee-based truckload and logistics service provider TCW, said in a release. “With accurate cargo theft data, our industry will be able to quantify the issue and work more effectively with law enforcement and commercial insurance to combat this costly problem.”

As the threat grows, government agencies are doing their bit to protect industry players as well. For instance, the Federal Motor Carrier Safety Administration (FMCSA) recently issued an alert to truckers advising them of a phishing scam. In the notice, the FMCSA warned that hackers had been posing as FMCSA agents and sending spoofed emails to registered freight entities. These emails direct recipients to fill out forms asking for personally identifiable information, such as their social security or driver’s license number, or the carrier’s USDOT PIN, which could be used to gain access to its FMCSA account, according to the bulletin. It went on to note that the agency does not require such information on official FMCSA forms and that legitimate information requests would direct users to log into their FMCSA portal accounts.

HIGH-TECH WEAPONS FOR HIGH-TECH THREATS

Technology firms are also building up their cyberdefense arsenals, developing increasingly sophisticated tools to help their customers detect scams. Here are three examples:

• Loadboard operator Truckstop in September introduced a “Risk Assessment System” to guard against increasingly dynamic and digitally driven freight fraud. “Fraud in the freight industry evolves daily at a breakneck pace,” Julia Laurin, chief product officer at Truckstop, said in a release. “We are launching the Risk Assessment System to give our customers and network participants another practical tool that breaks the tension of protecting their business … . The solution leverages real-time data from Truckstop’s ecosystem to provide a proprietary view of fraud and business risks, using innovative technology to detect emerging fraud signals.”
• In October, freight-tracking technology provider Trucker Tools introduced its “Fraud Toolkit,” a suite of fraud identification features designed to help freight brokers protect their operations against increasingly sophisticated threats.

“The freight industry is facing unprecedented challenges from bad actors who are constantly evolving their tactics,” Trucker Tools CEO Kendra Tucker said in a release. “With the rise in sophisticated fraudulent activities, freight brokers need tools to identify fraud quickly. We know that double brokering alone claims $500 million [to] $700 million from carriers and brokers annually. Our fraud identification tools help our customers combat this.”

• This summer, transportation management software (TMS) developer Transport Pro announced that it had teamed up with Tive, a real-time logistics visibility service, to provide shipment tracking and monitoring in real time. Under the arrangement, Tive trackers are placed directly onto the cargo in a trailer, enabling Tive to monitor the cargo’s whereabouts at all times. Freight brokers can get real-time updates by checking their Transport Pro dashboard.

“Fraud and cargo theft have been a hot topic for the past few years. Freight tech providers have some great tools for vetting carriers, but there are still a lot of bad actors slipping through the cracks,” Kenneth Kloeppel, president and founder of Transport Pro, said in a release. “Fundamentally, tracking the actual cargo with a hardware device is the only way to keep an eye on the shipment.”

NO MAGIC BULLET

Freight fraud defense tools and widescale industry initiatives can take a big bite out of crime. But complete cyber-resilience may be nearly impossible to achieve, according to LevelBlue, a security service provider formerly known as AT&T Cybersecurity. That’s partly because the transportation industry is struggling to balance technological innovation with computer security: A recent report from the company shows that 73% of transportation respondents say the opportunity of dynamic computing innovation outweighs the corresponding increase in cybersecurity risk. And only 53% of transportation executives say that cybersecurity is included in their broader corporate strategy discussions.

But the C-suite may be forced to rectify the situation. “As digital innovation takes center stage, cyber-resilience will be crucial to earning and upholding stakeholder trust, “ said Theresa Lanowitz, chief evangelist of LevelBlue, in a release. And stakeholder pressure to step up security would be difficult to ignore.