Jonathan Sharrock (CEO Xlerated Assets) delivered a presentation to members on Friday 11 May 2018 in Melbourne at the Global Shippers Forum and ICHCA International Conference hosted by Freight & Trade Alliance (FTA), the Australian Peak Shippers Association (APSA) and ICHCA Australia.

• Whtie Paper released by Jonathan during the conference titled "CYBERSECURITY AND THE THREAT TO LOGISTICS - Confronting the Demands of Security and Data Privacy in a Networked Supply Chain" - refer HERE
• Conference sponsor TT Club, jointly with UK P&I Club (also managed by Thomas Miller) and cyber security consultants NYA, recently published a paper entitled '"Risk Focus: Cyber – Considering Threats in the Maritime Supply Chain".  This is available by contacting Sydney@ttclub.com 

FTA Commentary

Feedback is that the more prevalent types of attacks that have affected members include:

•    Ransomware (electronic files are encrypted with a virus and payment to Cyber criminals required to unlock them);
•    Phreaking (phone lines are hacked by Cyber criminals and expensive international calls are made over a period of time);
•    Social Engineering/Phishing (Cyber criminals hack into company email servers, set up bogus email accounts, impersonate directors & senior management requesting money be electronically sent to bogus, usually offshore, bank accounts)

Although these types of attacks have been well publicised, how do logistics businesses manage the associated risks?

Perhaps some real life case studies will help illustrate the issues and provoke thought about risk management.

In that regard, James Cotis (FTA Insurance Advisor) has received many phone calls from members who have been subject to Cyber-attacks and have explained their circumstances and resulting losses.

We are grateful to those members who have agreed to share their experiences below, on the basis of anonymity: 

•    A member suffered a ransomware attack. A staff member innocently clicked on a link contained within an email entitled "Children's Birthday Party Photos" and released a ransomware virus into their IT systems, locking all of their files. They had backups of their data and thought they would be OK. They were horrified to learn that their backup procedures hadn't been working correctly for around 18 months…which meant they didn't have viable data backups. In desperation, they paid 2 lots of ransom moneys totalling $42,000 in an effort to obtain the decryption keys for their data. Unfortunately, the encryption keys worked for only 85% of their data files. To help make up the 15% of missing data, the member has been contacting their clients, suppliers & others for assistance. Apart from the ransom paid, the member has experienced significant, disruption & labour costs in attempting to recreate the lost data, some of which they believe will never be recovered. The member estimates it will take around 7 months to completely resolve.

•    A member suffered a phreaking incident. Their phone lines were hacked and expensive calls were made to overseas destinations, including USA, Europe, Asia & the sub-continent. Coincidentally, the business regularly made calls to these regions at that time of the year, so and the spike in calls wasn't seen as unusual activity. It was 3 months before the fraud was detected, the cost being c. $28,000.

•    Two members suffered social engineering/phishing scams. In the first instance, a staff member was tricked into transferring 2 payments (within a few days of each other), totalling USD$120,000 to a USA bank account by a cyber-criminal impersonating the logistics business's Managing Director. Even though the staff member thought both requests were unusual, she noted that the words and intonation used in the bogus emails were identical to that used by the Managing Director, so she didn't give any further thought about transferring the funds…twice . Clearly the criminals had been watching the MD's email traffic over a period of time and then simply replicated the MD's methods of communicating via emails. 

In the second instance, a senior staff member was tricked into transferring USD$57,000 to a European bank account by a cyber-criminal impersonating one of the logistics business's overseas partners. The staff member was suspicious about the transaction and commenced an email dialogue with the "supplier" (who was really the cyber-criminal), asking a series of questions to satisfy himself as to the bona fides of the request. The cyber criminal's responses were accepted & the money transferred.

Although it seems trite to say, and time zone issues can apply, a simple phone call & conversation with the MD and the overseas business partner to verify the requests would have detected the criminal activity. 

When discussing these incidents with the FTA members, recurring themes were evident:

•    They were shocked that the incidents had happened;
•    They were convinced that their risk management systems and processes were adequate to prevent attacks such as these and used words like "Robust", "Foolproof", "Bulletproof" & "Couldn't Happen" to describe their systems and the likelihood of a successful fraud against them;
•    Their existing Information Technology service providers did not possess the necessary skills and experienced to be of much help.

Unfortunately, these members did not have insurance policies in place to cover Cyber related crime.

If you would like more information about how a carefully constructed Cyber insurance program can help protect your business, please feel free to contact James on 02 9328-3322, email jcotis@FTAlliance.com.au or click HERE to visit the Logical Insurance Brokers website.

Paul Zalai - FTA / APSA