
Common Supply Chain Cyber Vulnerabilities

Beware of these common threats...

Recent research[1] shows that 70% of breach notices in the first half of 2025 did not specify the attack vector, reflecting gaps in visibility and attribution. This lack of transparency impedes response efforts. AI-driven analytics that fuse signals from multiple data sources can help close these visibility gaps and provide more precise attribution. This has also led to an increasing surge of cargo theft, as described in the SupplyNow video.

Here is a list of some of the more common vulnerabilities that hackers and organized crime are using to attack companies.

Strategic Theft – “Strategic theft” is the practice of using identity theft, social engineering, or other forms of deception to fraudulently broker cargo and change its destination. Supply chain theft often occurs through a technique called “double brokering”, which involves organized crime networks and occurs mostly in California near the Port of Long Beach. In double brokering, duly authorized motor carriers and brokers work together to misrepresent themselves and insert themselves into a load that comes from a very real broker or shipper and eventually makes its way to a very real carrier, but at a rate that’s reduced from the original load agreement. The carrier secretly re-brokers the load to another carrier without the shipper’s or original broker’s knowledge or consent, often leading to theft, non-payment, or liability issues for all parties involved. This practice bypasses proper vetting, leaving the ultimate hauler potentially unqualified, uninsured, or even nonexistent, and can result in significant financial losses, cargo damage, and supply chain disruptions. Experts say that this form of theft saw a 1,475% increase from Q1 of 2022 to Q4 of 2024 and that it now represents about a third of all cargo theft. As these threats continue to grow and proliferate, there’s never been a worse time to let our vigilance slip. But this is exactly what many organizations are beginning to do. By taking advantage of vulnerabilities in the supply chain, bad actors are already making billions of dollars stealing physical cargo, and they don’t even need to leave their homes to do it.

Advanced Persistent Threats – Hackers are persistent! APTs are long-term, targeted attacks often carried out by nation-states or organized groups. The Chinese government and Russian organized crime are notorious for infiltrating company databases and exfiltrating proprietary IP and product designs over extended periods of time, all the while avoiding detection. Many North American companies have seen their proprietary designs showing up in China, with identical characteristics.

Zero Day Attacks – These attacks are called “Zero Day Attacks” because the organization has zero days to react: they often occur well before IT administrators are even aware of the breach. By deploying malicious shellcode that scans networks for unpatched software vulnerabilities, APT groups are able to exploit areas of weakness. For this reason, it is essential that an organization, and its entire supply base, remain current on software patches, as even a few days is enough for a hacker to exploit an unpatched vulnerability.

“Man in the Middle” Attacks – Hackers are also on the lookout for employees who are traveling outside of the office for work and decide to connect via the closest publicly available network instead of a secure network. As the employee’s laptop looks for the closest network, hackers will set up a device that broadcasts a fake wireless network. They may cleverly name it something that fools the user into believing it is an approved public network, such as one in an airport, and may even give it a mock icon. In doing so, the hacker becomes the “man in the middle”, capturing everything that the employee does on the network. They will pass on messages sent to other individuals, websites like Amazon, or other providers, but also now have access to the laptop.
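
The look-alike network described above can be caught on the laptop before it connects. The following is an added example, not part of the original article: it checks Wi-Fi scan results against an allowlist of approved networks. The allowlist, the network names, the hardware addresses and the scan results are all constructed for illustration.

```python
import re
from dataclasses import dataclass

# Hypothetical allowlist: approved SSID -> (known access point BSSIDs, expected security).
APPROVED = {
    "CorpTravel-Secure": ({"a4:5e:60:11:22:33", "a4:5e:60:11:22:34"}, "WPA2-Enterprise"),
}

@dataclass
class Network:
    ssid: str
    bssid: str
    security: str

def normalize(ssid: str) -> str:
    """Fold case, drop separators, and undo common digit-for-letter swaps."""
    folded = re.sub(r"[\s_\-.]", "", ssid.lower())
    return folded.translate(str.maketrans("013", "ole"))

def assess(net: Network) -> str:
    """Return 'trusted', 'suspicious: <reason>', or 'unknown' for one scan entry."""
    for ssid, (bssids, security) in APPROVED.items():
        if normalize(net.ssid) != normalize(ssid):
            continue
        if net.ssid != ssid:
            return f"suspicious: look-alike name for {ssid}"
        if net.security != security:
            return f"suspicious: {ssid} offered with {net.security}, expected {security}"
        if net.bssid.lower() not in bssids:
            return f"suspicious: {ssid} from unrecognized access point {net.bssid}"
        return "trusted"
    return "unknown"  # not an approved network at all

# Constructed scan results for illustration.
SCAN = [
    Network("CorpTravel-Secure", "A4:5E:60:11:22:33", "WPA2-Enterprise"),
    Network("CorpTravel-Secure", "02:00:de:ad:be:ef", "Open"),
    Network("CorpTravel-Secure", "02:00:de:ad:be:ef", "WPA2-Enterprise"),
    Network("C0rpTravel_Secure", "02:00:de:ad:be:ef", "Open"),
    Network("Airport_Free_WiFi", "10:20:30:40:50:60", "Open"),
]

def report(scan):
    return [(n.ssid, n.bssid, assess(n)) for n in scan]

if __name__ == "__main__":
    for row in report(SCAN):
        print(*row, sep="  ")
```

A hardware address can be copied, so a "trusted" result only filters out the obvious fakes; a VPN or a network that authenticates itself with a certificate is what protects the traffic.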

Operational Technologies (OT) – Many cyber vulnerabilities for supply chains exist in operational technology (OT), which includes internet of things (IoT) devices, robots, industrial control systems, supervisory control and data acquisition systems, programmable logic controllers, and other technology that organizations use to connect, monitor, manage, and secure their industrial operations. These tools and technologies are increasingly at risk, and many organizations are woefully unprepared. Although malicious email attacks are common, more organizations are requiring practices like multi-factor authentication to reduce the risks of such attacks.

[1] Verizon 2025 Data Breach Investigations Report