Cyber attacks within the haulage industry may not make national headlines in the same way they do for tech firms or financial institutions, but the threat is very real.
Because, while the highly publicised nature of cyber attacks against tech and financial firms has led to companies in these sectors putting significant investment into cyber defences, the same is not true of our sector. Cyber criminals are increasingly looking towards other types of companies to target, and, make no mistake, our sector is certainly in their sights.
The most widely publicised kind of cyber attacks today are ransomware attacks, most often caused when an employee opens an email and either clicks a link or downloads a file containing malware. This usually makes all a company’s files inaccessible, with the criminal demanding a ransom be paid to make the files available again. We hear about it when it happens to big corporations, but it’s actually a lot more common than you might think amongst smaller companies too.
However, an equally common but less publicised cyber theft is what is known as social engineering fraud. This is where your company is tricked into transferring money to the fraudster whilst making what seems like a normal payment. An email from the MD to the accounts dept requesting they make an urgent payment is very common. At first glance the email address will look totally normal to the recipient. Another fraud is where on a perfectly legitimate invoice, that you are expecting that the payee bank details have been changed. Once again, to someone who is not looking too closely this will appear 100% genuine.
Cyber attacks across all industries have been on the rise, and COVID-19 where so many of us are working from home has only accelerated this trend. Around 86% of all fraud was cyber-enabled in 2020 according to the National Fraud Intelligence Bureau. It is estimated that we are over 20 times more likely to be a victim of a cyber theft than a normal theft these days.
With the increased digitisation within our industry, and inter-connected cloud networks becoming a necessity as a result of the pandemic, cyber criminals are finding more opportunities, and taking advantage.
Never has the case been stronger for taking steps to protect yourself and for purchasing cyber insurance, to indemnify against the catastrophic losses that can be caused to a business if it falls victim to a cyber attack.
Direct Insurance Corporate Risks (DICR) has strong relationships with all the leading cyber insurers, and is able to work with them to tailor policies to the specialist requirements of haulage firms.
However, even without insurance, there are many things you can do to reduce your risk of falling victim to a cyber attack.
Regularly reviewing firewalls and cyber security systems is a must, but, according to cyber education company Cybint, 95% of successful attacks are down to human error.
Firms should be training employees in what to look for in a suspicious email, which may be carrying malware. This includes always checking the payee details on new invoices by phone (not using the phone number on the invoice). Staff should right click on internal emails to verify the address is genuine (the true email address will be revealed) , and the accounts team should be verbally checking any large or unusual payment requests they have received by email.
At RHA Insurance Services we are happy to have a conversation with you about what mitigation methods you should have in place, and, if you haven’t got one, help you put together a Cyber Response Plan for your business.
However, these strategies will never completely protect your business. While defence systems are improving to protect from cyber attacks, the criminals are also becoming more advanced in their techniques.
That is why cyber insurance is now a vital protection to have for any modern-day haulage firm – big or small.
No sector is safe from cyber attack, and we all need to take cyber security even more seriously than ever before .
Call Paul Beck on 01277 844360 or email Paul.Beck@dicr.co.uk to start a discussion.