A cyberattack can stop the entire logistical gear. When the systems stop working, the operation stops: unprepared orders, uncoordinated transport, unmoved goods. It is not a theoretical scenario, but a real one.
In 2017, the cyberattack known as NotPetya affected Maersk and left most of its systems unused. More than 70 port terminals in its network were paralyzed and thousands of equipment stopped working. The company could not manage containers, record movements or plan operations. For days, the company worked manually in part of its activity. The attack, which sought to damage Ukraine's economy in the context of the conflict with Russia, was introduced through accounting software used by the Maersk subsidiary in the country and by many other companies based there.
What happened made many companies in the sector aware that they were more vulnerable than they thought. If they did not make the safety of their systems a priority, the logistic flow could be stopped dry by an attack.
Today cyberattacks have both economic and geopolitical interests, as seen with NotPetya or as observed —according to some analyses— in the conflict between the United States and Israel against Iran. In these cases, the goal is to destroy systems and ransomware is used as a disguise to hide this purpose. For a logistics company, any attack, whatever its nature, means that the operation suddenly stops with goods in transit. It happened in Maersk in 2017 until it was able to react, and it happened again in 2022 with Expeditors International, which had to stop its systems globally.
This is how many companies in the logistics sector have improved the protection of their systems and have defined how to continue working when something fails:
Today, two types of logistics companies coexist: those that have already assumed that a cyberattack can stop its operation and have been prepared, and those that have not yet done so.