Logistics and Shipping Firms receive access and credentials offers from Cybercriminals amidst the pandemic

November 29, 2021
Logistics Shipping Firms Access Credentials Cybercriminals Transport Supply Chain Fraud Prevention

A published analysis of the current black market trended online revealed that cybercriminals offer initial access to networks owned by leading players from worldwide supply chains. Security researchers also warned that the initial access brokers (IABs) are the ones who offered initial access for logistics giants and international shipping firms throughout ground, sea, and air.

Because of the global COVID-19 pandemic, supply chains worldwide are among the industries that have been greatly affected. Supply chains have suffered from more than chip shortages, but also because of the worldwide lockdowns and company closures, it caused them an overload of backlogs. Despite the world gradually rising from the effect of the pandemic, the demand for necessities such as food and electronics remain high. 

 

For this reason, cybercriminals such as ransomware threat groups have leveraged the situation to offer access for logistics giants and shipping firms. 

 

Cybercriminals typically acquire access from vulnerabilities in the Remote Desktop Protocol (RDP), SonicWall, Citrix, virtual private networks (VPN), brute-force attacks, misconfigurations, and data breach or credential theft. 

Furthermore, security researchers stressed that the precarious disposition of the logistics and shipping firms amidst the pandemic and as the year heads into winter can contribute a negative impact on the consumer economy worldwide. 

Thus, dark web listings have been examined by security researchers for the past few months to understand the standing of IAB listings linked to the global supply chain. 

The examinations revealed that there had been several cases of access and credentials offers coming from both established and new IABs. Two cybercriminals have claimed about securing access to a Japanese shipping firm’s networks last July, together with stolen working account credentials. 

In addition, another cybercriminal linked to the Conti ransomware group claimed that they had infiltrated the networks of an American transport and trucking software supplier and a commodity transport firm. 

Security researchers said that cybercriminals persistently target the logistics and shipping industry, and these attacks can inflict a major ripple effect on the global economy. Therefore, they highly recommend that security teams of logistics firms diligently monitor and track their industry’s adversaries, such as their tools and malicious activities. Proactively addressing these concerns can help the entire industry eliminate the chances of cyberattacks and avoid furthering the already baffled business operations. 

About the author

Leave a Reply