REDWOOD LOGINREDWOOD PORTAL
Cyber-crime is quickly finding its way into the LTL industry. Carriers across the globe are reporting being hacked through email scams, ransomware, phishing attempts and more. In some instances, the hackers are able to gain control of their customer database, bank account information, credit cards, and even embed tracking software inside of servers – which can track shipments; even those with high-valuable commodities. While most carriers employ IT experts to manage their CRM’s and TMS systems, being proactive about cybersecurity is not as much as a strength.
It’s often assumed that being proactive equals investing more money. But, in dealing with cyber threats, sometimes education and common-sense is the most effective weapon. Noted below, we’ll outline four steps that any LTL carrier can follow that will reduce the potential of falling victim to cyber threats.
The key to stopping any virus of the computer or physical variety – is reducing the potential of entry. Just like washing your hands, using sanitizers, and being aware of exposure to harmful bacteria can reduce the chances of you being sick, reducing the entry ports for cyber hackers can also reduce the potential of a computer virus.
Case in point, most of today’s cyber-theft occurs when a hacker gains access to the computer network. In most cases, the hacker will accomplish this task in one of three ways:
• They will send a hacking email attempt: In this method, the hacker will obtain an email address that is posted publicly and send a general email that is related to the business type. For example, if they are targeting an LTL carrier, they might send a rate estimate email, where they ask the LTL recipient to click a link to review the shipping details. This is where they gain access. As soon as that link has been clicked, a ‘trojan horse’ or another virus goes to work to penetrate the computer system.
• They gain access through click-bait websites: In this scam, the hackers will set up blog-style websites that post articles related to the entertainment industry or celebrity gossip (don’t worry – this blog isn’t one of those scams – we’re legit). The hacker will then purchase Google keywords or spend lots of money or resources improving search engine ranking, to inspire users to click on the link. When this happens, the computer network can be hacked.
• Corrupted attachments: The third, most popular method of hacking an LTL carrier is through a corrupted attachment, usually in the form of a word or PDF file. This method requires hacking the network of an LTL’s trusted partner, such as a client, vendor, or supplier. The trusted contact will send an email with a title similar to “need you to review billing” and attach a downloadable file. When the file has been downloaded and opened, it will appear to be blank or contain no content. However, by the time you’ve determined that the email is a mistake, the network has been hacked.
There are four general ways that any company can reduce the potential of being hacked through the methods of access posted above:
• Spend time educating employees on proper email use: Since the majority of hacking attempts occur through email attacks, the first logical step is to teach people about proper email etiquette.
• Set up a policy for reviewing email traffic (specifically rate requests): To avoid the “click this link to review our rate request” hack, set up rules for sending or reviewing rate inquiries. An example of this would be to require potential customers to submit rate requests through a secure online page hosted on your website. You can also request non-trusted sources to call your office to speak to a sales rep to weed out the hackers.
• Establish rules for internet browsing: While many of us utilize our work computers to complete research for our jobs, navigating click-bait entertainment websites or gossip-type news sites is not too conducive to efficiency. A good cyber-security program starts with education for all users on how to avoid these three possible issues. Make sure they are trained to not click links from emails, not to visit non-work-related websites (especially entertainment websites), and to only download attachments from trusted sources.
• Make Sure to Update Your Network Security Software: Most computers feature built-in cyber-security software. The problem is that most of the time, these systems are provided by the lowest bidder as opposed to the best source. If you are a Windows or Apple user, delete the third-party security software and use the factory Windows or Apple security software. Those two systems are best to protect your individual networks. A critical step in this process is making sure to update your system anytime it’s requested. These updates are used to patch holes in the security systems that have been discovered by other users with similar software.
The threat of cyber-security attacks will, unfortunately, grow before they slow down. In many instances, those who are hackers are the same people who developed the security systems used in the past. They know these systems inside and out, and also know how most people fall victim to cyber hacks through pretty simple methods. By following the tips listed above, any LTL industry provider will be better prepared to meet these threats head-on.