Cyber attacks in the transport industry

The Transport and Logistics sector is particularly prone to cyber attacks, with data continually flowing throughout the supply chain, and digital systems continually tracking and monitoring goods throughout their networks. Yet, despite the growing risks, many haulage and logistics companies do not have adequate protection in place.

In June 2023, Kettering-based KNP Logistics Group, parent company of the 158-year old Knights of Old haulage firm, suffered a major ransomware attack that affected key systems, processes and financial information. The attack damaged the group’s financial position and ability to secure additional investment and funding, and as a result, the business was unable to continue. In September 2023, the group entered administration, resulting in 730 employees being made redundant.

KNP’s story is very much a cautionary tale, showing what can happen in a worst case scenario of a cyber attack. Ransomware attacks on UK organisations reached record levels in 2022, with this upward trend continuing throughout 2023, including incidents that have affected the UK’s transport and logistics sector.

Cyber threats to the transport industry

As cyber attacks become increasingly more sophisticated, so the threat to the transport and logistics sector continues to grow. The supply chain network is dependent on digital information to track the status and location of physical assets, together with monitoring other transit related exposures, such as geopolitical and weather-related risks. Given the vast quantity of data exchanged, the potential for significant business interruption and loss of income is greater than ever before.

Key cyber exposures (include, but are not limited to):

• Deployment of ransomware and encryption of target business data
• Exfiltration of confidential customer, third party and employee data, with the threat of selling/leaking online unless a ransom demand is paid
• Operations within the target business disrupted by Distributed Denial-of-Service (DDoS) attacks, designed to bring additional pressure on the victim to pay a ransom demand
• Business e-mail compromise events
• System failure/data corruption - where networks, systems and data cannot be accessed
• Reputational damage

Risk Management

As a matter of course, all organisations should take preventative steps to mitigate the risk of a cyber attack. Unfortunately, there is no silver bullet, and a good overall level of cyber security and controls remain key. At PIB we are working diligently to advance our own suite of risk management tools to assist customers in improving their cyber resilience.

Stand-alone cyber insurance policy

Given the complexity, prevalence and sophistication of cyber attacks, and potential damage inflicted to operational ability, income and reputation, the threat posed by cyber criminals needs to be taken very seriously. PIB recommends having an appropriate level of protection in place via a stand-alone cyber insurance policy. Such a policy provides so much more than just insurance, providing, for example:

• 24/7 access to IT forensics, data breach/legal experts & PR advisors to provide support in the event of an actual or suspected cyber incident
• Support in complying with data protection legislation and notification obligations in the event of a data breach
• Data restoration and rectification (even back-ups can be affected!)
• Access to specialist ransom and extortion advisors
• Access to cyber risk management tools

In addition to providing incident response services, cyber insurance is one of the key risk transfer mechanisms you should have in place to help deal with a cyber attack, because as the demise of KNP Logistics Group sadly illustrates, the threat is very real

At PIB, we recognise that our customers in the transport & logistics sector have differing levels of exposure, and we have expertise in tailoring cyber insurance solutions to individual business requirements. To find out more about cyber insurance and how PIB can help to better protect your transportation or logistics business, please contact the team today.