Threats

Cyber-Enabled Cargo Crime

May 15, 2026 00:05 · 12 min read
Cyber-Enabled Cargo Crime

Cyber-Enabled Cargo Crime: A Growing Threat

Cybercrime tradecraft is being used to steal freight, with entire truckloads of goods being re-routed and sold on the black market. This type of crime is becoming increasingly common, with approximately $725 million in cargo crime losses reported across North America in 2025, according to Verisk CargoNet.

The FBI Internet Crime Complaint Center (IC3) reported roughly $21 billion in cybercrime losses for the same period. While these numbers are staggering, they only represent reported losses, and the actual number of cyber-enabled cargo crimes may be much higher.

The Cybercrime Playbook

The techniques used by cybercriminals to steal freight are similar to those used in traditional cybercrime. They start by conducting reconnaissance, gathering information about potential targets, including United States Department of Transportation (USDOT) numbers, Federal Motor Carrier Safety Administration (FMCSA) registry information, motor carrier (MC) numbers, insurance details, and employee information.

Phishing emails are then sent to members of the operation's staff, including those in dispatch, customer service, or accounting, in an attempt to steal credentials. Once credentials are stolen, the attackers use them to compromise email accounts and listen in on shipment notifications, new load tenders, and bills of lading for shipments underway.

The attackers then inject themselves into these communications, making subtle changes to alter the planned route and redirect a legitimate load of freight to a different delivery location. Alternatively, they may register a new, fraudulent carrier with the FMCSA using stolen but valid identification details from a legitimate fleet.

A Familiar Kill Chain

The attack migrates from the cybersecurity world and into the operations space, where the attacker uses a compromised email account to listen in on shipment notifications and make changes to the planned route. This is where the two playbooks diverge, and the attack becomes a cyber-enabled cargo crime.

The process of investigating these crimes and recovering freight is an uphill battle, as many of the consumables stolen this way are sold within hours and consumed within days due to shelf life limits. By the time the legitimate shipper, broker, or motor carrier figures out what happened, their freight is gone, and they are left holding the bag for what can amount to catastrophic financial liability.

An Industry-Wide Problem

The defensive playbook for cyber-enabled cargo crime is not unfamiliar to most cybersecurity professionals. It includes phishing-resistant multi-factor authentication, out-of-band verification before any critical changes to banking information, routing details, or shipping documents, as well as strong vendor management processes and email security.

However, these types of controls are under-deployed in the transportation industry, particularly among small and mid-sized fleets. A trucking company with only a hundred or two trucks generates as much cyber risk as a much larger professional services firm, but they typically operate on very thin margins and a fraction of the security budget found in many other industries.

Where the Industry is Making Gains

The National Motor Freight Traffic Association (NMFTA) has published a Cybersecurity Cargo Crime Reduction Framework that specifically maps cybersecurity controls to the cargo crime threat vectors they can address. The framework is free to download and is built around six categories that will be familiar to any threat analyst: organized crime, insider threats and collusion, social engineering and deception, identity theft and fraud, and technical exploitation.

NMFTA also oversees and manages the Freight Fraud Prevention Hub, a central resource where motor carriers, third-party logistics providers (3PLs), brokers, and shippers, and professional truck drivers can find educational materials, resources, and guidebooks on how to prevent freight fraud and cyber-enabled cargo crime.

The NMFTA 2026 Cybersecurity Conference, to be held September 29-October 2 in Long Beach, CA, will bring together security practitioners and transportation professionals to discuss cybersecurity in the transportation sector. The conference will feature executive and technical content, hands-on experience, and tabletop exercises, and will cover topics ranging from cyber-enabled cargo crime to heavy vehicle OT security.

Source: BleepingComputer

Source: BleepingComputer

Powered by ZeroBot

Protect your website from bots, scrapers, and automated threats.

Try ZeroBot Free

Related Articles

Threats

Belarus-Linked Hackers Target Ukraine Officials

A Belarus-linked hacking group, GhostWriter, has launched a phishing campaign against Ukrainian government officials using fake emails disguised as messages from an online learning platform to deliver malware.

May 22, 2026 12:05 · The Record 12 min read
Threats

Kimwolf Botnet Alleged Leader Arrested

Jacob Butler, a 23-year-old Canadian man, was arrested for allegedly running the Kimwolf botnet, which initiated over 25,000 DDoS attacks and caused millions of dollars in financial losses.

May 22, 2026 08:02 · CyberScoop 12 min read
Threats

Crypto Drainers: How They Work

Crypto drainers are tools designed to steal cryptocurrency assets by abusing wallet permissions and transaction approvals, often through social engineering tactics.

May 22, 2026 00:10 · BleepingComputer 12 min read