Cargo theft gets a boost from hackers using remote monitoring tools
Cybercriminals are targeting trucking and logistics companies with remote monitoring tools in order to hijack cargo freight, researchers at the cybersecurity company Proofpoint have found.
The hackers are working with organized crime groups to compromise companies involved in the freight supply chain, the report said — further fueling a massive growth in cargo theft in recent years. The theft of goods in transit in the U.S. rose 27% in 2024 and is expected to spike another 22% this year, according to the National Insurance Crime Bureau.
It’s estimated that the industry loses $35 billion annually to cargo theft. Increasingly, this theft involves a cyber component, with criminals taking advantage of an increasingly digitized system to intercept goods.
Proofpoint researchers have been observing a threat cluster active since at least June that has demonstrated a deep “knowledge of how the trucking and transportation industries work.”
The hackers use a handful of tactics, including infiltrating load boards — marketplaces where shippers and freight brokers connect with carriers — where they advertise fraudulent loads. When a carrier responds, they send emails with malicious URLs. In some cases, they compromise email accounts and send messages laden with malicious links that, when clicked, install legitimate remote monitoring and management tools like ScreenConnect, PDQ Connect and Fleetdeck.
After gaining access, the hackers carry out system and network reconnaissance and deploy credential harvesting tools.
“Once a threat actor has compromised a carrier, they probably will use their knowledge of the industry and any insider information derived from other compromises to identify and bid on loads that are likely to be profitable if stolen,” said Proofpoint, which over the last two months has observed nearly two dozen active campaigns.
They recommended that companies restrict the installation of remote monitoring tools, have network detections in place and to avoid downloading executable files sent via email.
The cargo theft scourge has been getting more attention on Capitol Hill lately, including legislation introduced in April that seeks to create a unified federal response to the issue. Meanwhile, the Department of Transportation recently solicited input from stakeholders in the freight industry on how to combat cargo theft, including cyber-enabled crimes.
James Reddick
has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.