Cyber Threats for the Trucking Industry

Cyber risk through a virus, spam, malware, data breach, and extortion ranks amongst the predominant exposures crippling operations.  The entry of ill-intended individuals into computer systems has evolved as systems and firewalls become more complex. At one-time risk, management considered the replacement of hardware and focused on the air-cooled terminal hosted rooms when it referenced computer exposures.  Risk management still focuses on these areas, but technology has advanced to such a degree that intense concentration has shifted to cyber threats and prevention.

A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are human-made. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus can transmit itself across networks and bypass security systems. (source Webopedia).

If a virus infiltrates a computer system, it has the potential to cause instant paralysis.  Computers have become the heart of the operations while the staff has evolved to being the arteries.

It is not only the systems that create concern but depending on how serious the threat is, the company’s reputation is also at stake.  If a system has been hacked, the reputation of the company instantaneously starts to erode.   It is imperative that at the offset, immediate action and containment are evident to preserve the reputation and cement confidence to providers and vendors that a company has invested in containing the exposure, and proactive measures have been triggered to remedy the violation.  Immediate action is needed to instill confidence that access to outside providers has been eliminated.

A virus can cause devastating effects on company operations.  Back up, methods will not be prompt remedies if the virus infiltrated the system and affected the sole glimmer of hope.  Even if the backup can restore the system, IT will have to ensure that the virus has not contaminated the backup and run several checks before reinstalling programs.  All precious time is lost, and in the interim, the company’s credibility to their customers and providers continues to diminish.

Investment in security and recovery management is commonplace, from the simplest to unique computer systems.  Management should also review implementing restrictions to users of the system that enforces limitation or access to vulnerable sites to tracking and permitting access of viruses.  Internal systems should also redirect spam from regular users, thus creating more limited access to infiltration of spam/malware.  A disaster plan should be created internally and include pre and post-implementation with all staff.  Users are the most vulnerable conduit in permitting viruses to seep into a computer system. This audience should be alerted to the importance of regular password changes, email etiquette, and identifying potential spam correspondence (web sites can be easily created to appear quite similar to familiar web sites; however, the HTTP identification is not), and what to do with unfamiliar emails.  All should be outlined, available in corporate manuals, and discussed at the offset of employment.

Management should also speak to all users about the internal system protocol. The main contact will be for any system issues, laptop security expectations, cell phones, access to company computers through personal computers, email etiquette, and USB data list, a few topics of consideration. Management should engage with discussions on cyber insurance with their insurance Brokers to complement and reduce financial exposures.

Identity and cyber theft exposures are vastly expanding.  Thieves are becoming more sophisticated, so early detection of victimization is unequivocally important.  Every effort must be made to educate and reduce risk at every level internally to minimize the exposure of data and cyber breaches.

Linda Colgan has been an Insurance Broker in the transportation industry since 1986 and is Senior Account Executive with Bryson & Associates Insurance Brokers Ltd. Feel free to email Linda at lcolgan@brysoninsurance.ca.

This article first appeared in the Ontario Trucking News.