The transportation and freight forwarding industries are experiencing an increasing number of cyberattacks. A Trellix report from April 2025 reveals that in the first quarter of this year, 2.4 times more (136%) Advanced Persistent Threats (APTs) were detected in the United States than in the last quarter of 2024. The most affected sector was telecommunications (47% of detections), but transportation and freight forwarding were close behind (36%).
It is worth noting that although transportation and freight forwarding recorded the most incidents in the fourth quarter of the previous year, in the first quarter of 2025, they ranked second with an 11 percent increase in detected threats. Ernesto Fernandez Provecho from Trellix emphasizes that this also applies to transport companies, which are falling victim to ransomware attacks that paralyze their systems and lead to delays, financial losses, and data breaches. Attacks on subcontractors force companies to return to manual processes, and those targeting the supply chain hinder and delay the flow of goods. It should be explained what the mysterious English term “ransomware” means. Well, it is a type of cyberattack in which malicious software (ransomware) blocks access to your data or computer systems. This can include encrypting files, preventing the operating system from starting, and even blocking access to entire corporate networks. Attackers then demand a ransom (usually in cryptocurrencies such as Bitcoin) in exchange for regaining access to the blocked data or systems. Criminals often threaten to permanently delete or publicize the data if the ransom is not paid within the specified deadline.
As can easily be seen, the main motivations of cybercriminals are financial gain and the theft of data about shipments, customers, and employees. Some attacks aim to cause economic chaos or strike at critical infrastructure. Artie Crawford from the National Motor Freight Traffic Association points out the extensive structure of the transportation sector, which makes it an attractive target. The Trellix report indicates that 47% of APT attacks in the US originated from China, and 35% from groups linked to Russia, which largely targeted transportation and freight forwarding (55%) and telecommunications (40%). The increase in detections in the telecommunications sector was 92%, and in the technology sector over 119%. Provecho notes that incidents in these sectors have a direct impact on road transport, which depends on their infrastructure for navigation – GPS, telematics, and communication.
Additionally, the Interisle’s 2024 Cybercrime Supply Chain report warns of the growing interest of cybercriminals in the logistics sector, where they exploit unsecured communication channels and steal key information. The number of cybercrime incidents increased by 54%, and the use of mass-registered domains and subdomain abuse increased significantly, highlighting the risks associated with unencrypted communication.
Crawford emphasizes that strengthening cybersecurity practices is crucial for every transport company, which is supported by, among other things, the Roadmap to Resilience Guidebooks developed by NMFTA. He notes that “Cyberattacks are intensifying, and the transportation sector is increasingly a target for both cybercriminals and state-sponsored actors, and new technologies such as artificial intelligence and voice systems are expanding the spectrum of threats.”
Defense against cyberattacks requires a multi-faceted approach. One solution is not enough. Key is the combination of employee awareness, robust technical safeguards, regular backups, and a well-prepared incident response plan. Investing in cybersecurity is an investment in the continuity of operations and the reputation of all carriers.
Wishing you wide and safe roads, All About Trucks & Translab!!! We put Truckers first!!!!
