5 Defining Cyberattacks On Trucking And Logistics In 2020

Hackers hit the transportation and logistics industry hard in 2020. Many of the cyberattacks involved ransomware — essentially a vehicle for extortion.

Ransomware attacks aim to cause as much operational disruption as possible by encrypting data. Hackers then demand victims pay to restore access. Increasingly, so-called double extortion ransomware attacks are leveraging data theft and the threat of public release — or sale — of the data.

Ransoms can run in the millions of dollars. The attacks often never become public, particularly when companies opt to pay. Frequently, companies that heed law enforcement advice and refuse to pay are left dealing with the fallout of extensive disclosures of data.

FreightWaves reported on an array of ransomware and other cyberattacks during the year. They included companies with thousands of trucks and others with just a handful. Here are five of the most important ones.

Photo: TQL

5. Total Quality Logistics: Breach exposes partner carriers

Mystery still shrouds what happened at freight brokerage Total Quality Logistics in February. The Cincinnati-based company said hackers had breached its IT system and compromised sensitive information of some carriers. It even led to a carrier lawsuit alleging negligence in the hacking incident. The company insisted that the attack did not involve ransomware or malware of any kind. Regardless of what was behind the hack, TQL offers a cautionary tale about the potential repercussions of cyberattacks beyond the company itself.

(Photo: Jim Allen/FreightWaves)

4. TFI International: The high price of not paying

An August ransomware attack targeted TFI International Inc. TFII, one of the largest trucking and logistics companies in North America. While the attack itself appears to have impacted only TFI's Canada parcel and courier subsidiaries, including Canpar, the impacts are staggering. The subsidiaries resorted to manually sorting. It ended up costing TFI about $6 million in quarterly operating revenue. It appears that the company did not pay the attackers, who responded by leaking internal data to the dark web.

(Photo: Jim Allen/FreightWaves)

3. Daseke: Truckers' personal information exposed

The August ransomware attack on Daseke, the largest flatbed trucking company in the U.S did not appear to result in operational disruption seen at Forward Air Corporation FWRD. But the Conti ransomware gang stole a significant amount of data from subsidiary E.W. Wylie and posted it to the dark web, in an apparent response to the company refusing to pay the ransom. Troublingly, it included extensive personal data on current and former truck drivers. According to the company's last quarterly financial report, the attack did not result in any material loss. 

(Photo: Jim Allen/FreightWaves)

2. Forward Air: ‘Hades' ransomware gang brings multimodal disruption

The Tennessee-based trucking and logistics company was targeted by a new and relatively unknown ransomware gang called Hades in December. The attack directly or indirectly led to widespread disruptions across Forward Air's public-facing and internal operations systems. For days, customers weren't able to book loads. While Forward is far from the largest trucking and logistics firm in the U.S., it provides an essential link to airlines' cargo operations and has no peer that was immediately able to pick up the slack. While the company appears to be well on its way to normal operations, it remains to be seen whether Hades successfully stole data and how it might leverage it. Reached by FreightWaves, the hacking group declined to discuss the Forward attack but was eager to discuss leaks of data in other industries.

(Photo: Jim Allen/FreightWaves)

1. CMA CGM: An attack felt globally 

The September ransomware attack on France-based shipping giant and CEVA logistics owner CMA CGM offered a very public glimpse of what hackers can do in the supply chain. The attack was first detected in a shipping subsidiary, but the company ultimately disabled its entire core IT systems in response. Most of the disruption happened with e-commerce operations. Some functions were down for two weeks, but the impacts reflected the global scope of the company. In November, CMA CGM disclosed that the cost of the attack could cost up to $50 million. The Ragnar Locker ransomware reportedly targeted the company, according to Lloyd's List, but the hackers has yet to publicly release any data.

Click for more FreightWaves articles by Nate Tabak

Forward Air reveals ransomware attack, warns of revenue hit

TorQuest acquires Canada cold storage giant VersaCold

Forward Air likely hit in cyberattack, experts say

Posted In: cyber attacksFreightTechGeneral

Ad Disclosure: The rate information is obtained by Bankrate from the listed institutions. Bankrate cannot guaranty the accuracy or availability of any rates shown above. Institutions may have different rates on their own websites than those posted on Bankrate.com. The listings that appear on this page are from companies from which this website receives compensation, which may impact how, where, and in what order products appear. This table does not include all companies or all available products.

All rates are subject to change without notice and may vary depending on location. These quotes are from banks, thrifts, and credit unions, some of whom have paid for a link to their own Web site where you can find additional information. Those with a paid link are our Advertisers. Those without a paid link are listings we obtain to improve the consumer shopping experience and are not Advertisers. To receive the Bankrate.com rate from an Advertiser, please identify yourself as a Bankrate customer. Bank and thrift deposits are insured by the Federal Deposit Insurance Corp. Credit union deposits are insured by the National Credit Union Administration.

Consumer Satisfaction: Bankrate attempts to verify the accuracy and availability of its Advertisers' terms through its quality assurance process and requires Advertisers to agree to our Terms and Conditions and to adhere to our Quality Control Program. If you believe that you have received an inaccurate quote or are otherwise not satisfied with the services provided to you by the institution you choose, please click here.

Rate collection and criteria: Click here for more information on rate collection and criteria.