tation management software, says many of its clients relyon a compex IT (information technology) infrastructure intheir daily operations, noting that a typical logistics serviceprovider might have servers in its back office, telematics hardware on its trucks, and cloud-based networksused to manage maintenanceand other critical tasks. “It’simportant to have that standard so the same … controlsare in place across all the different [types] of technologya customer might be using,because a chain is only asstrong as its weakest link,”Sandberg says.
Another critical step in
cyber self-defense is to estab-
lish a recovery plan before a
disaster plan is not during the disaster,” Sandberg says. “If
you’re a trucking company and you get stuck with a cryp-
to-lock virus, how do you continue operations? If you’ve
identified certain elements as critical resources, you can
come up with mitigation strategies.”
As logical as that might sound, smaller carriers often
lack the resources to prepare disaster recovery plans ahead
of time, Sandberg says. On top of that, they frequently
lack the IT capabilities to distinguish between “white hat”
hackers—who are basically using their skills to help com-
panies identify digital vulnerabilities—and “black hat”
hackers who are plotting serious crimes, Sandberg says. A
cybercriminal looking for a
big payout might threaten a
company by freezing its data
and demanding a ransom, by
stealing and selling a com-
pany’s data, or by collecting
demographic information on
its employees in an attempt to
hire them away.
In many cases, an employeewon’t even realize that they’venot targeting someone; it’s indiscriminate. They’re just trying to get someone to click on the link so they can freeze theaccount and get them to pay a ransom,” he says.
In another approach, a hacker might target truck driversby offering them a free smartphone app that provides dis
