
Follow the link: cybersecurity companies name the top vulnerabilities of logistics companies

Hacking attacks on the industry have increased by a third, delivery specialists admit
Photo: IZVESTIA/Sergey Lantyukhov

Software was the main weak point of Russian logistics companies in attacks by criminals in 2024, cybersecurity companies told Izvestia. One of the most common weaknesses was the insecure direct object reference. In addition, hackers actively abused the SMS flows used for registration, authorization or password recovery, sending out thousands of such requests. As a result, logistics companies lost substantial funds on communication fees. How fraudsters raid companies and leave thousands of Russians without parcels is the subject of this Izvestia report.

What attacks are made on logisticians

The weakest point in the information security of logistics companies is specialized software, experts at Neuroinform (a company specializing in the analysis and assessment of cyber risks) told Izvestia.

- These reasons account for 38% of the total number of vulnerabilities in this area in the third quarter of 2024, - said the analysts. - Usually, companies write such software on their own, and it quite often contains critical vulnerabilities.

For example, in the first three quarters of this year, one of the most common weaknesses was the insecure direct object reference (IDOR). This is a link that contains, for example, a specific product or user account number. By changing its elements, one can open other pages that appear closed to outsiders and obtain hidden information.

- With the help of such a link, it is possible to view other people's orders with customers' personal data (full name, phone number, delivery address). In this case, attackers pick up the order identifier and see all the information on it without authorization, - the experts explained.
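The order lookup described above, shown as an added example that is not from the article or from any company named in it: a handler that trusts the identifier in the link next to one that checks ownership. The order records, field names and function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Order:
    order_id: int
    owner_id: int
    full_name: str
    phone: str
    address: str

# Constructed sample data (not from the article).
ORDERS = {
    1001: Order(1001, 7, "A. Ivanov", "+7 900 000-00-01", "Moscow, Example St. 1"),
    1002: Order(1002, 8, "B. Petrova", "+7 900 000-00-02", "Kazan, Sample Ave. 5"),
}

class AccessDenied(Exception):
    """Raised for missing and foreign orders alike, so replies do not reveal which IDs exist."""

def get_order_vulnerable(order_id, session_user_id=None):
    # IDOR: the identifier taken from the link is the only thing consulted.
    return ORDERS.get(order_id)

def get_order_checked(order_id, session_user_id):
    # Hardened form: require a session, then compare the order's owner with it.
    if session_user_id is None:
        raise AccessDenied("authentication required")
    order = ORDERS.get(order_id)
    if order is None or order.owner_id != session_user_id:
        raise AccessDenied("order not available")
    return order

def visible_orders(handler, session_user_id, order_ids):
    """Access-control regression check: which order IDs does the handler disclose to this session?"""
    visible = []
    for oid in order_ids:
        try:
            if handler(oid, session_user_id) is not None:
                visible.append(oid)
        except AccessDenied:
            pass
    return visible
```

Running `visible_orders` against every order endpoint in a test suite, with a session that owns only one of the sample orders, catches this class of flaw before release.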

About another third (26%) of logistics companies' vulnerabilities are flaws in the way SMS is used during registration, authorization or password recovery. Cybercriminals use a script to enter other people's phone numbers, the system sends out thousands of SMS messages, and the company's money is wasted.

Weak password complexity requirements in software used to work with partners or contractors also played a part this year. This problem accounts for 14% of all hacks. In 75% of cases, these services had no password protection at all, making it possible to access all of a company's orders and to download a list of couriers with phone numbers, car makes and license plate numbers, as well as delivery addresses and lists of goods.

- Unfortunately, hackers are quite successful in exploiting various vulnerabilities. To reduce the threat level, it is necessary to implement code verification on a regular basis and to train programmers in the basics of information security, - said Alexander Dmitriev, General Director of Neuroinform. - And of course, check your infrastructure for vulnerabilities at least once a year.

The sites of most logistics companies provide login-and-password access to a personal account, so this segment typically sees bot attacks of the credential stuffing type, in which hackers use real credentials stolen from another resource.

- In this case, cybercriminals try to gain access to the accounts of clients of a particular company by automatically searching and substituting the data required to log in, - Mikhail Khlebunov, Servicepipe's product director, told Izvestia. - This is done with the help of bots. Since many people enter the same logins and passwords, in the absence of two-factor authentication, attacks can be effective.

He confirmed that if two-factor authentication is used on the site of a logistics company, such bot activity multiplies the number of SMS sent and, consequently, communication costs.
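One way to cap the SMS costs described here and in the paragraph on SMS flaws above, as an added example that is not from the article: a sliding-window throttle applied before any registration, login or recovery code is sent. The class name, the limits and the sample traffic are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque

class SmsThrottle:
    """Sliding-window limits per destination number, per client, and overall."""

    def __init__(self, per_number=3, per_client=5, global_cap=100, window=3600.0):
        self.limits = {"number": per_number, "client": per_client, "global": global_cap}
        self.window = window
        self.events = defaultdict(deque)  # key -> timestamps of sent messages

    def _count(self, key, now):
        q = self.events[key]
        while q and now - q[0] >= self.window:  # drop sends older than the window
            q.popleft()
        return len(q)

    def allow(self, phone, client_id, now=None):
        """Return (True, None) and record the send, or (False, scope that refused it)."""
        now = time.monotonic() if now is None else now
        keys = {"number": ("number", phone),
                "client": ("client", client_id),
                "global": ("global",)}
        for scope, key in keys.items():
            if self._count(key, now) >= self.limits[scope]:
                return False, scope
        for key in keys.values():
            self.events[key].append(now)
        return True, None

def simulate():
    """Constructed traffic: one client requests codes for 1,000 different numbers."""
    throttle = SmsThrottle()
    sent = sum(throttle.allow(f"+7900{n:07d}", "client-A", now=1.0)[0]
               for n in range(1000))
    # A different client asking for a single code is unaffected.
    legit = throttle.allow("+79001234567", "client-B", now=2.0)
    return sent, legit
```

In production the client key would be whatever identifies the requester (session, device fingerprint, IP range), and a refusal with scope `"global"` is a signal worth alerting on.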

Major failures

SDEK, one of the largest Russian logistics operators, suffered a failure on May 27: it became known that the company could not send or receive shipments for technical reasons. The company's press service reported that the website and application had stopped functioning.

On June 1, SDEK announced the restoration of parcel traffic. The website, personal accounts of individuals and legal entities, and mobile application resumed their work. After a few more days, most of the client services were restored.

The hacker group Head Mare claimed responsibility for the cyberattack on SDEK. This group had not previously been involved in illegal activities against domestic retailers. According to market participants, the hackers sought to cause maximum damage to the Russian delivery service. On their X account, they posted screenshots as confirmation of the hack.

In cyberattacks, the main victim is usually the company, as it has to take measures to counter threats or to eliminate their consequences, Artem Novikov, IT-director of SDEK, told Izvestia.

- Most often such attacks are aimed solely at causing damage, and attackers do not pursue material gain, - he said.

Alexei Persiyanov, director of the security department of PEC, said that in January-October 2024, the number of cyberattacks on the IT infrastructure of transportation and logistics companies increased by 30% compared to 2023. According to him, attackers are becoming more active, developing and launching new fraudulent schemes.

With vulnerabilities such as IDOR, attackers can gain access to cargo information, which can lead to cargo manipulation, said Sergey Chernov, CEO of the federal transportation company Skif-Cargo.

- This can cause delays in delivery, especially if additional checks or investigations are required, - the expert emphasized. - Errors in the algorithms of using SMS as a second authentication factor can allow attackers to gain access to employee accounts, which can also lead to disruptions in order processing and, as a result, delays.

In addition, weak password complexity requirements can let attackers easily gain access to systems. This can cause temporary work stoppages and the need to restore data.

Such attacks can have far-reaching consequences that go beyond individual organizations, Sergey Chernov stressed. A disruption to one company can cause a domino effect, affecting suppliers, manufacturers and retailers throughout the supply chain. This can lead to shortages of goods on store shelves, delays in production processes and a general decline in economic efficiency.

- The number of those affected could be in the thousands, given the scale of operations of large logistics companies, - the expert said. - Delays in the delivery of goods can lead to financial losses for businesses, disruption of contracts and negative impact on the reputation of companies. In addition, the leakage of confidential information can cause legal consequences and undermine customer confidence.

Popular hacking schemes

One of the most popular schemes in the logistics segment is the theft of funds using phishing sites that imitate a payment page, said Artem Novikov. To do this, attackers post ads for the sale of goods and set a low price to attract attention. Interested people are sent a link to a phishing site for payment.

As a result, the specialist said, the goods are not delivered and the seller disappears. In the second scheme, the buyer pays for the goods through the classified ads site and for their shipment through the delivery service's site, but the promised parcel contains rags or trash.

- In the third scheme, attackers use hacker attacks to try to penetrate a company's critical IT infrastructure to disrupt its work, - he added.

As Sergey Chernov pointed out, recently there has been an increase in cases of manipulation of employees through fake accounts of heads of organizations in social networks for the purpose of fraud and unauthorized access to confidential information.

- Attackers create fake profiles of top managers and get in touch with the company's employees, pretending to be executives, - he shared. - Under the pretext of urgent tasks or corporate initiatives, they ask for access to internal systems, send confidential documents or make financial transfers to specified accounts.

Logistics companies are also recording an increase in attempts to gain unauthorized access to their systems by technical means. Attackers, he said, most often try to obtain confidential information (data on shipments, customers and other financial information) in order to collect personal data for further extortion using social engineering.

- And also to disrupt the operation of systems: through DDoS attacks or interference in software, - the expert said. - These actions can not only cause delays in operations, but also create additional risks to data security and the financial stability of companies.

A comprehensive approach to security, combining technical means of protection with raising staff awareness, is the key to countering such threats. Sergey Chernov emphasized that logistics companies need to constantly improve their security strategies to protect themselves, their customers and partners from possible cyberattacks.

PEC recommended that customers paying online check the authenticity of websites, including their names and domains. If there are doubts, it is better to postpone payment, go to the required site yourself, check the availability of the goods or services, or contact the company. In addition, customers should check the contents of the shipment upon receipt, which will help the delivery service automatically record the fact of substitution.

To prevent cyber risks, SDEK advises its customers to use complex passwords containing numbers, symbols and letters of different case. Personal data should be entered when registering a personal account only in trusted services, preferably in their mobile applications; customers should use two-factor authentication and never give the code from an SMS to strangers.

The experts interviewed suggest that attacks on transportation and logistics companies may increase by the end of the year. These companies are especially busy in the delivery period before the New Year: the volume of transportation grows due to the abundance of sales, as well as companies' desire to fulfill all of the year's contractual obligations.
