Ports, terminals and logistics centers are now, above all, data hubs – TOS and PCS systems, pre-booking and customs platforms process thousands of pieces of information every day. Disrupting their operation triggers a domino effect: from the forwarder, through the customs agency, all the way to the end customer, who risks having production or sales halted.
Cybersecurity has stopped being an IT department problem. Today it is a real risk and a matter of survival in the market. One successful attack means a stopped clearance, contractual penalties, broken contracts and loss of customer trust.
Phishing targeting logistics
Companies in the logistics sector are seeing a growing number of fraud attempts. Criminals impersonate business partners, sending messages about allegedly unpaid invoices or invitations to tenders. Importantly, even a small company – a subcontractor or a local forwarder – can become a “back door” for an attack on a major operator.
Particularly dangerous are attacks aimed at commercial documentation: invoices, packing lists, certificates of origin, powers of attorney, or EORI data. Replacing a document with one that has a different bank account number or a modified goods value may lead to clearance being stopped, incorrect tariff classification, an incorrect customs value, and even administrative sanctions.
Even a minor change on an invoice can have serious customs and financial consequences. That is why document verification procedures are not bureaucracy, but a security element of the entire supply chain.
Disinformation as part of an attack
Alongside cyber threats, disinformation is becoming increasingly important, and the growing capabilities of artificial intelligence significantly strengthen its potential impact. Supporting a cyberattack with disinformation activities greatly increases its chances of success.
In institutions, disinformation may occur both as hostile attacks from outside and as a result of the actions of the organizational units themselves, for example in the form of communication chaos or selective sharing of information – explains Dr Eng. Rajmund Smolarczyk, a national security specialist and lecturer at the Department of Security at the Faculty of Law and Administration of WSAiB in Gdynia.
NIS 2 changes the rules of the game
The NIS 2 Directive imposes new obligations on companies in the TSL sector: risk analysis, supply chain security, and the implementation of an incident reporting system. The regulations also indirectly cover smaller entities that are part of the supply chain of larger operators.
The directive covers rail, road and air transport, as well as activities carried out within ports. Companies covered by the directive must implement multi-factor authentication, cryptography, as well as conduct regular security audits and employee training.
Compliance is the minimum. The real goal is business continuity and operational resilience.
How to protect yourself?
We recommend that operators:
- train employees to recognize phishing,
- introduce double-verification procedures for documents and emails,
- limit access to customs and commercial data,
- carry out regular system updates,
- work with trusted partners across the entire chain.
In the digital world, documents and emails are just as critical as means of transport or warehouses. Employee awareness on the forwarding and customs agency side is now just as important as knowledge of the regulations. We must treat cybersecurity as a priority.
