Blog in TTM: Stay alert to cybercrime
At the end of each year, the transport and logistics industry is paying increasing attention to ever-increasing cybercrime. Over the past six months, cybercrime has increased again, this time by 8.6 percent compared to last year. From May to October this year, 7.396 reports of cybercrime were registered with the police. In 2021, 6.809 reports were recorded over the same period. Even in 2020 and 2019, there were huge increases in the number of cybercrime incidents. In 2021, for example, there was almost a tripling of the number of reports within the Netherlands compared to 2019. A true shift from physical to cyber theft can be observed, according to the police. Needless to say, this ongoing trend also affects transportation companies and logistics service providers.
According to TLN, industry-wide, more than 40 percent of companies have been victims of a cyber attack. Our office also notes an increase in the number of cases related to cybercrime. It is striking that shippers, forwarders and carriers are still regularly insufficiently aware of the risks. Here the insurer or insurance intermediary also plays an important role. Many times cybercrime is not (sufficiently) insured on the goods transport insurance or carrier's liability. This while the shipper or carrier is often liable for the damage caused by cybercrime. In short, it is important to continue to create awareness of these risks. I will do this using a recurring practical example of identity fraud.
Online identity fraud is a common form of cybercrime. This fraud usually occurs on online freight exchanges or directly via email. On a freight exchange, criminals fake an account that they use to impersonate an existing carrier. It is also common for criminals to hack email details from a carrier and directly address the sender as being the carrier. To the sender, it then appears as if she is receiving an e-mail from the (hacked) carrier. Instead of a sender outsourcing a transport order to the bona fide carrier, it comes directly to the criminals. Then the criminals pick up the shipment at the loading address. The sender and cargo interests only get wind of this when the consignee complains that he never received the shipment. In most cases, the criminals have left by then. When inquiries are made with the carrier as whom the criminals presented themselves, it turns out that this carrier never accepted the transport order.
A transport order is set out in no time. However, the sender must always remain alert that he is dealing with the right party. The same, of course, applies to the main carrier who outsources a transport to a sub carrier. For example, an extra letter in a false e-mail address with which the criminals communicate is not easily noticed. Training personnel to (continue to) recognize irregularities is recommended. This all starts with a good risk perception that matches the actual threat. The actual threat is real and the statistics speak for themselves in this regard. Insuring these risks as much as possible can be essential, especially for companies that transport (or have transported) high-value cargoes. For shippers, cybercrime is (usually) not covered by standard cargo transport insurance if the cargo is stolen prior to transportation. This is often the case if the shipper gives the shipment directly to the rogue carrier. The shipper is also liable if he engages an unreliable carrier. This liability is limited under the FENEX terms and conditions, but these terms and conditions must be declared applicable correctly. And that often goes wrong, Also, the forwarder runs the risk of being considered a paper carrier if he has not made himself sufficiently clear as a forwarder. As a rule, the forwarder has unlimited liability if the cargo is stolen by a rogue sub-carrier. In contrast, most carriers' liability insurance policies have limited coverage of typically € 125.000 with a hefty deductible, up to 30 percent. If high-value cargo is stolen, the carrier can then still pay for most of the damage. With all the financial consequences that entails.
However, it is possible, in proper consultation with the insurer or insurance intermediary, to negotiate an adequate policy. I certainly also see an active role here for the insurance intermediary who is responsible for keeping his client's insurance policy up-to-date. In turn, the insurer can impose requirements on the insured for screening carriers and training personnel to prevent cybercrime. Because only with extra-careful measures can rising cybercrime be halted.