Exclusive: Logistics firms face rising OT cyber threats amid global tensions
According to Leon Poggioli, ANZ Regional Director at Claroty, the recent cyber espionage affecting logistics firms supporting Ukraine is not an isolated trend but part of a broader pattern.
"There's two key reasons nation states do this," he explained during a recent interview with TechDay.
"One is to disrupt the other nation's defences, and the other is to put political pressure on the general public by interfering with their supply chains."
These attacks frequently target operational technology (OT) systems - the core infrastructure behind physical processes in logistics, energy, manufacturing and healthcare. Poggioli said attackers exploit connectivity in these environments to carry out sabotage remotely.
"A lot of these environments have some kind of external connectivity, so that gives an attacker an ability to remotely trigger a cyber attack and disrupt those supply chains."
In some cases, tactics have extended to disrupting weapons infrastructure, such as drones.
"When one nation uses drones, the other will defend itself by trying to jam signals and disrupt that infrastructure," he explained.
Compared to IT systems, OT vulnerabilities can be far more complex and risky to remediate. Poggioli noted that in OT, even small changes can impact safety and operations. "In the IT world, it's easy to push patches out," he said.
"In OT, even a minor change can disrupt operations, so remediation needs to be more targeted."
Claroty's platform is built to help organisations quickly cut through large volumes of vulnerability data to find what really matters. "A site may have 1,000 vulnerabilities, but we can whittle that down to the five that make the most impact," he said.
"That becomes a manageable number that a cyber leader and OT asset manager can act on within weeks."
Recent data from Claroty's global survey of cybersecurity professionals reinforces the growing financial and operational risks posed by cyber attacks on cyber-physical systems (CPS).
Nearly half of respondents (45%) reported financial impacts of $500,000 USD or more from such attacks in the past year, with over a quarter suffering losses of at least $1 million.
These costs were largely driven by lost revenue, recovery expenses, and employee overtime.
"It's a growing concern across multiple sectors, particularly in chemical manufacturing, energy, and mining – more than half of organisations in those sectors reported losses over half a million dollars," Poggioli said.
Ransomware remains a major burden, especially in sectors like healthcare where 78% of organisations reported paying over $500,000 to regain access to encrypted systems. "These are real costs, not theoretical risks," he added. "And they're rising."
Operational downtime is also widespread. Nearly half of global respondents experienced more than 12 hours of downtime following an attack, with one-third suffering outages lasting a full day or more. "When operations halt, the financial and reputational damage mounts quickly," Poggioli said.
He added that one of the most pressing vulnerabilities is the level of remote access in these environments.
"We're seeing around 45% of CPS assets connected to the internet," he said. "Most of that is done through VPNs that were never built for OT security."
Third-party access is another growing concern, with 82% of respondents saying at least one cyber attack in the past year came through a supplier.
Nearly half said five or more attacks stemmed from third-party connections, yet 63% admit they don't fully understand how these third parties are connected to their CPS environment.
Poggioli pointed to this as a critical blind spot. "Legacy access methods and poor visibility are allowing attackers in through the back door," he said.
Even more concerning is the risk from insiders. "You want to be able to trust your team, but someone with inside knowledge can do more damage than an external attacker," Poggioli said. "Even air-gapped environments need constant monitoring."
A cyber attack on Denmark's power grid in 2023 served as a wake-up call.
"One operator didn't even know they had the vulnerable firewall in their system," he said. "That's why visibility is so important. You can't secure what you don't know exists."
While preparedness across the logistics sector varies, Poggioli believes the industry is slowly recognising the strategic value of cybersecurity.
"It's going to become a point of competitive advantage," he said. "Customers are going to start asking serious questions about cyber security and supply chain integrity."
He drew a sharp distinction between cyber criminals and state-backed actors.
"Cyber criminals want fast financial gain, but nation states are more focused on political objectives," he said. "They have better resources and longer timelines. That changes the game."
Poggioli warned that just because no incident has occurred doesn't mean attackers aren't already embedded in critical networks. "There's growing evidence of adversaries nesting in these systems," he said.
"My hypothesis is they're preparing for future conflict. If war breaks out, they're already in position to strike."
For logistics firms looking to strengthen their defences, Poggioli said the first step is basic visibility.
"Most people I speak to admit they don't know 100% what's out there or how it's connected," he said.
"Start with an asset inventory. Once you have that, you can start risk modelling and reduce exposure."
There are signs that resilience strategies are making a difference. According to the Claroty report, 56% of professionals now feel more confident in their CPS systems' ability to withstand cyber attacks than they did a year ago, and 72% expect measurable improvements in the next 12 months.
Still, Poggioli said complacency is not an option.
"If you don't know how big the problem is, you won't know how to solve it," he said.
"Once you understand the risks, you can act to protect your operations and show the business the value of cyber security."
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
6 hours ago
- Techday NZ
Teradata VantageCloud delivers 427% ROI & cuts costs with AI
Organisations using Teradata VantageCloud have recorded an average return on investment of 427% over three years, along with a typical payback period of 11 months, according to a new study by Nucleus Research. Study findings The independent analysis by Nucleus Research assessed the financial and operational impacts of Teradata VantageCloud amongst companies across sectors including healthcare, insurance, and telecommunications, with employee counts from 5,000 to 45,000. Results show that, on average, adopters saw annual benefits totalling USD $7.9 million, alongside the substantial ROI and rapid payback time. Alex Wurm, Senior Analyst at Nucleus Research, said, "The financial results demonstrate that enterprises can achieve substantial returns while modernising their data infrastructure. Teradata's innovative approach combines cloud with hybrid flexibility and addresses the real-world constraints organisations face, delivering both immediate operational benefits and long-term strategic value." The study highlights that cost reductions and operational efficiencies played a significant role in the financial advantage reported by respondents. For example, a telecommunications company was able to avoid the expense of a seven-year infrastructure upgrade, saving USD $350,000 annually through the use of the Teradata platform. The company also benefited from a 43% reduction in administrative overhead by moving to a fully managed service model, providing annual direct cost savings of USD $735,000. Operational improvements Performance enhancements also contributed to the results. According to Nucleus Research, the study found improvements in data processing performance ranging from 25% to 30%, while backup operations became 87% to 90% faster compared to traditional manual methods. These increases in automation and speed enabled IT teams to allocate more resources to strategic projects, rather than day-to-day administrative duties. Organisations making use of Teradata VantageCloud for artificial intelligence and machine learning reported faster model delivery, with speeds increasing by 26% to 75%. In some cases, model deployment times were reduced from over a month to just a week. The accuracy of AI models developed using the ClearScape Analytics platform by Teradata saw lifts of 10% to 15%. "By integrating Teradata's advanced analytics into our retention strategies, we're not just predicting customer churn – we're preventing it. After transitioning to Teradata's ClearScape Analytics, our AI-driven churn modeling saw a 10-15% lift in accuracy," noted a telecommunications provider. Real-time results Examples cited in the study include a healthcare provider with a patient base exceeding three million, which was able to reduce integration timelines by 67% by consolidating previously siloed systems. Elsewhere, a commercial insurer handling 200TB of data reported the ability to process a full day's financial transactions in just 10 minutes, a change attributed to real-time analytics that underpin quicker decision-making. Assessment methods Nucleus Research conducted detailed ROI assessments through interviews with Teradata VantageCloud customers. The analysis covered total costs and benefits, including software subscriptions, consulting, personnel changes, and operational impacts over the three-year evaluation period. Standard NASBA accounting principles were applied to ensure accuracy and credibility in the reporting process. For organisations seeking to calculate their potential return from adopting VantageCloud, Teradata now offers a business value assessment tool. The calculator, which uses Nucleus Research-verified data, aims to help companies gauge possible financial outcomes by entering details about their current operational environment and project objectives.
RNZ News
7 hours ago
- RNZ News
Claims a banking class action is under threat from law change
Photo: There are concerns a class action lawsuit against two of our biggest banks will be undermined by a law change going through Parliament. The government introduced a bill to amend the Credit Contracts and Consumer Finance Act at the end of March. Among the changes - the redress for customers if banks or creditors fail in their disclosures. Currently lenders have to refund all fees and interest charged if they were in breach of disclosure laws; what's proposed would see that left to the courts to decide what is 'just' and 'equitable' in any breach. The proposed change comes as over 150,000 customers of ANZ and ASB undertake a class action over breaches made by both banks between 2015 and 2019. But Scott Russell, the lawyer leading the class action , is concerned about the fairness of the law change, given it will apply retrospectively.
RNZ News
9 hours ago
- RNZ News
Iwi businesses out performing many of NZ's largest businesses
New data shows iwi and hapu owned businesses have emerged from the economic downturn in good shape and performing well. The ANZ NZ report shows these commercial entities are performing better than many of this country's largest listed companies for the 2023 -24 financial year. The findings come from long running collaborative research including 10 years of data and involving 38 iwi/hapu entities managing treaty settlement assets. This report from ANZ comes just months after a report by the Ministry of Business, Innovation and Employment into Te Ohanga Maori - The Maori Economy- found that it is a significant, and increasingly important contributor to the wider economy of New Zealand. ANZ's Head of Maori Relationships, David Harrison, joins Kathryn to talk about the latest report's findings. To embed this content on your own webpage, cut and paste the following: See terms of use.
