© 2020 Content Security Pty Ltd.


“The Amazon Effect” and pandemic behaviours: E-commerce spike leading to increased cyber-risk in logistics

With more and more people shopping online for the first time, the logistics sector has accelerated their digital transformation, turning to new technologies such as automation, AI and IoT to meet increased volume and delivery demands. These innovations may allow logistics and transport companies to stay afloat despite industry pressures, but at what cost?

“The Amazon Effect” and 2020’s surge in e-commerce

Consumer behaviour has long been shaped by e-commerce giants such as Amazon and eBay, with more people turning to convenient online shopping every year. These e-retailers have diminished the status of brick-and-mortar stores, knocking in-person shopping experiences down a few rungs and perhaps after 2020, into potential non-existence. This is referred to as “The Amazon effect.”

The coronavirus pandemic only accelerated what Amazon and eBay already had in place. With lockdowns, quarantines and sheltering-in-place becoming the norm across the globe, many people delved into online shopping for the first time. While some online purchasing fell under entertainment needs – with people shopping as a way to pass the time in lockdown – the increase in online shopping behaviours was also born out of necessity, as many turned to online grocery shopping too.

What impacts are e-commerce trends having on logistics? 

The average consumer is already conditioned with heightened expectations around their online retail experiences, typically expecting free express delivery, as well as next-day or same-day shipping. Transport and logistics have already been under pressure with these delivery options on offer but with pandemic accelerating e-commerce growth by 4 to 6 years in under 12 months, the sector’s been met with fairly unprecedented demands.

The heightened expectations around transportation and delivery of rapidly increasingly volumes of online purchases have drastically accelerated change across the sectors. In fact, pandemic pressures have meant that transport and logistics have had to change the composition and schedule of their fleets, as well as invest in smaller trucks in order to do more frequent runs.

In conjunction with increased volume and delivery demands, the pandemic has brought a smaller labour force by necessitating stricter constraints on human interaction and disrupting every element of the global transportation network. This is where increased digital transformation enters – streamlining the fulfilment process, optimising output and ensuring non-contact deliveries.

IoT, automation and AI: the new logistics paradigm

The history of logistics has been imbued with automation and technological advances from the beginning. We’ve seen the steam engine, the forklift and now robotic pickers and packers. Following in this pattern of adoption, we can see the logistics and transport industry have rapidly adopted new Internet of Things (IoT) solutions and automation to fill the gaps left in the labour force.

How are logistics leveraging new technologies?

More recently, the logistics and transport industry have adopted things like autonomous delivery trucks, robotic/AI chat options for customer service, and automated high-rack warehouses with fully autonomous vehicles navigating the aisles.

Logistics have used IoT devices for real-time location tracking and environmental sensing. This not only ensures timely shipment of parcels, but also assists in non-contact delivery, allowing full visibility in the supply chain from the manufacturing unit to the parcel destination. Using real-time tracking is particularly useful in conjunction with environmental sensing, as this allows the entire supply chain to gather insights on the quality of their items and to keep track of pressure, humidity and light exposure. This is fairly important when you consider that more groceries and fresh produce have been delivered during the pandemic and people are likely to maintain this convenient habit of online grocery shopping.

IoT solutions are also used to derive information and insights on delivery packaging and weights, purchase data, inventory replacement, coordinating and optimising delivery schedules as well as performing quality assurance checks. They are integrated in fleet management, allowing for automated vehicle maintenance and driver scheduling.

What are some of the cyber security risks related to these technologies?

It’s great that the majority of the logistics sector are full entrenched in advanced tech – it’s sure to bring them gains in productivity, all while meeting consumer demands and reducing costs. However, a lot of logistics companies don’t understand the cyber security risks associated with these technologies and therefore lack the resilience to withstand potential cyber-attack. Note: the following should not be taken as a conclusive overview of the risk posed to the industry, but as a sample of the heightened risks around the technologies mentioned.

Like every industry – logistics is already vulnerable to a host of threats such as phishing, ransomware and malicious insiders. But IoT devices open the industry up to even more risk. IoT targeted malware is on the rise and these devices are  increasingly leveraged in DDoS attacks, with criminals using these as part of their botnets. Some reports are saying the proportion of IoT devices that have been used within botnets has doubled in the last 12 months.

Right now, IoT devices are at more risk than ever. The sheer volume of devices being used within logistics is worrying when you consider they’re not inherently secure. These smart devices are not manufactured with security built in and a lack of adequate protection means that these devices present cyber criminals with an expanded network of access points.

Are logistics companies prepared to deal with cyber security risks that might disrupt the entire supply chain?

What is most concerning about the lack of protection around these technologies is that all levels of the supply chain are at significant risk if a hacker successfully compromises one device or system. One of the primary purposes of these technological solutions is to provide enhanced connection and integrations, however the information being transferred across the units in the supply chain is likely unencrypted given that 98% of all IoT device traffic is unencrypted. This means that IoT device traffic is inherently vulnerable and if a hacker successfully intervenes, they could send new instructions to the next player in the chain, be able to reroute packages, cause major disruption throughout chain operations and siphon critical data.

Logistics needs to be proactive about cyber security

With ecommerce and online shopping behaviours becoming more permanent facets of our daily life, logistics must ensure they have a well-protected cyber space. This will be vital going forward if the sector is to maintain its status as a vital infrastructure for modern global trade.

A few recommendations:

Maintain visibility and security of IoT devices: 

Actively monitoring your IoT device ecosystem is key to managing IoT risk. Invest in an IoT management tool that does real-time monitoring and analyses of IoT behaviour. Ensure policies around regular patching of IoT devices are in place to minimise the risk of attackers exploiting vulnerabilities. This is one of the easiest ways for an attacker to bypass the network’s perimeter.

Cultivate cyber security awareness: 

A culture of cyber security awareness could make a world of difference for a logistics company under attack. Employees should be aware of the cyber-risks posed to the devices, data and applications they are handling and the larger implications around security breaches. They should abide by security best practices, such as changing default passwords and blocking unnecessary remote access. Further, they should know how to identify and respond to suspicious emails, links and attachments.

Collaborate with the professionals: 

According to the State of Logistics Technology report 2019, only 35% of service and solutions companies and 43% of shipping companies have a CISO. While the sector may be making strides towards integrating cyber security into their operations more seriously now, it is important for logistics companies to get help where they need it.  Industry professionals are skilled in data and device protection and have a wealth of invaluable cyber security knowledge logistics companies should surely leverage. In today’s cyber security skills shortage, this is one of the most cost-effective ways to funnel this knowledge into any business.

For more information please contact our cybersecurity professionals today.

Recent news