The National Motor Freight Traffic Association (NMFTA) has issued another warning to the logistics and transportation industry as traditional cargo theft is being rapidly replaced by sophisticated, cyber-enabled heists.
CargoNet reported in October that it recorded over 700 cargo thefts in the US and Canada in the third quarter of 2025, with the value of the stolen goods totaling more than $111 million. According to the American Trucking Associations, thieves targeting freight shipments cost the US economy up to $35 billion per year.
While in the past thieves would in most cases rob truck drivers at gunpoint or break into trailers, this type of crime has become increasingly sophisticated, mainly driven by criminals’ reliance on hacker tactics.
According to the NMFTA’s 2026 Transportation Industry Cybersecurity Trends Report, crime syndicates have leveraged both traditional deception and cyber techniques in campaigns aimed at brokers, carriers, and shippers.
“These attacks served as the entry point for ransomware, data theft, and extortion schemes, and increasingly formed the foundation for cyber-enabled cargo crimes. Across the sector, the correlation between digital compromise and physical theft is now unmistakable. Cyber intrusion often precedes or directly enables theft of freight.”
Proofpoint recently detailed the activities of a threat actor that has been hacking into the systems of transportation companies with the ultimate goal of stealing physical goods.
The hackers deployed remote access tools on carriers’ systems, enabling them to hijack accounts, which they can use to book loads and divert valuable shipments to their own operatives.
Social engineering is one of the most commonly used tactics. It can be useful for gaining initial access to victims’ systems, impersonating carriers, hijacking accounts, and manipulating load tenders and other dispatch documentation.
However, there are many other cyber-related elements involved in attacks on the transportation sector.
For instance, criminals can acquire internal data belonging to a targeted company from the dark web, including shipping lanes, driver records, billing templates, and insurance information, along with credentials that grant access to their networks, all stolen in previous breaches suffered by the target. This information can be highly useful in planning and carrying out an attack.
AI can also play an important role, as it enables attackers to write convincing phishing emails or generate deepfake voice calls to trick victims.
“Bad actors used AI-generated emails, deep-fake voice calls, and spoofed dispatch updates to misdirect shipments or extort payments through fraudulent detention or lumper fees. In many cases, attackers used business email compromise (BEC) to take over legitimate communication channels and fraudulently book loads, deliver false pickup authorizations, change banking information, or change delivery instructions.”
Attacks conducted by cyber-enabled cargo thieves have also involved the infiltration of dispatch systems, and spoofing or jamming of GPS signals to facilitate the theft of shipments.
While cyber-enabled theft is rampant, the NMFTA has also seen some positive trends, including the fact that the transportation sector is embracing cybersecurity awareness training.
“Fleets and logistics companies that invested in ongoing social engineering awareness training and phishing simulations saw measurable reductions in successful social-engineering incidents,” the organization said.
Related: Hackers Stole 300,000 Crash Reports From Texas Department of Transportation
Related: GAO Tells Coast Guard to Improve Cybersecurity of Maritime Transportation System
