Evolving Threats: Adapting to Trends in Maritime Cargo Theft

The maritime industry exists to move goods and people via the oceans, lakes and rivers. These goods range from breakbulk—such as wheat, coal, gravel—to thousands of containers moving high-value cargo. Unfortunately, cargo theft in the U.S. is a $15 to $35 billion enterprise that affects seaports, airports, trucking companies and shipping companies daily.

The cargo thefts are not necessarily focused on high-value goods such as semi-conductors and precious metals, but also on food and beverages. For instance, in the Seattle area, one thief posed as a Safeway employee and attempted to steal more than $700,000 of king crab for resale.

More recently in Spain, thieves stole 12,500 gallons of extra virgin olive oil. The thieves loaded about $537,000 of the prime oil into two tanks at night in an operation that only took two hours. The motive for this theft was the premium value of the olive oil and the money to be made reselling it.

In August 2023, Scott Cornell of Travelers Insurance said that cargo theft is at a 10-year high.

“January 2023 was up 61% year over year, February was up 49% year over year and March was up 82% year over year,” he stated.

Supply-Chain Security: Principal Problems

There are multiple ways petty thieves and organized crime can steal goods at rest and in transit. As these different approaches are listed, take a moment to think about ways your company can be affected and how you are protecting your goods. The more you know, the more prepared you and your team can be to reduce and even stop these thefts.

Here are the ways you can be negatively impacted:

Bogus companies: Unknown and “dark” companies are sometimes operated by organized crime. Someone picks up the goods, but never delivers the cargo to its intended destination. These companies surface when reputable freight handling services are difficult to find. One “company” illegally placed the logo of a reputable shipping company on their white box van and fooled a company into loading the goods which were ultimately stolen and resold/fenced.

Corruption: Corruption can occur at just about any point in the supply chain. This can include bribery of officials, drivers, warehouse managers, etc. where money or benefits are exchanged to allow for theft and redirection of goods. (https://bit.ly/3Pzmnwb) 

Counterfeiting: Counterfeit goods are a significant problem in the supply chain. This is especially true for semiconductors that can be recycled, cloned, relabeled and forged. Of course, there are other high-value goods subject to counterfeiting such as watches, electronics, high-end clothing, etc. Basically, the problem is the buyer is not getting what they paid for.

Data Theft/cybercrime: Cyber-attacks have been reported in the maritime and logistics sector and have impacted such digital services as:

  • Monitoring cargo or consignment tracking systems and stealing confidential data
  • Distribution of links to malicious websites or files via email, and
  • Deploying fraudulent websites thus redirecting users to other malicious websites and obtaining personal information (e.g., phishing).

In a case cited by insurance company TT Club, the Port of Antwerp had been a victim of a persistent cyberattack since 2011 commissioned by a drug cartel. The attack targeted terminal systems which were subsequently compromised by hackers and used to release containers without the port authority’s awareness. Illicit drugs, contraband and firearms worth about $365 million were seized when authorities finally became aware of the cyberattack. (https://bit.ly/3RhiKfH) 

Document fraud: False bills of lading, product certificates, driver’s licenses and corporate identities are a prevalent problem in the supply chain. Document fraud can also include:

  • Counterfeits, which are unauthorized reproductions of genuine documents
  • Forgeries, which are alterations of genuine documents
  • Identity and travel documents, and
  • Bank statements, Social Security checks and W-2 forms.

Insider fraud: In this instance, one of the “trusted employees” in the supply chain is instead working for a criminal enterprise or simply stealing for him/herself. The insider could redirect a shipment at the loading dock or steal part of a delivery for their own use. This issue can be addressed with periodic background checks and monitoring for suspicious activities. Also, training drivers to check first with the dispatcher or receiving customer before redirecting the delivery to a different location.

Product diversion fraud: Examples can include janitorial staff diverting some of the “high-value waste” to resale (e.g., outdated pharmaceuticals, confidential documents, etc.). In one case, a manager told of a case where their products were resold to an international wholesaler. Eventually these products were diverted back to French markets for higher profit margins.

Product specification fraud: Probably one of the most egregious product specification frauds was the “Chinese Milk Scandal.” The 2008 scandal involved Sanlu Group’s milk and infant formula being adulterated with the chemical melamine, which resulted in kidney stones and other kidney damage in infants. The chemical was used to increase the nitrogen content of diluted milk, giving it the appearance of higher protein content to pass quality control testing and meet product standards. Sadly, this resulted in hospitalization of 54,000 children. (https://bit.ly/3ZaNbpV)

Smuggling: The supply chain can be readily used for drug, weapons, wildlife parts (e.g., rhinoceros horns) and counterfeit trafficking. The supply chain also can be used for human trafficking due to the volume of materials handled daily and because containers can be modified to hide people being illegally moved. A contemporary issue for the U.S. is the smuggling of fentanyl and the components that can be used to manufacture it. However, smuggling can also happen to avoid high taxes for products such as tobacco and alcohol.

Terrorism: One concern for some observers—terrorists could hijack trucks and ships to exploit them in attacks. In this area, the U.S. Government initiated the voluntary Customs Trade Partnership Against Terrorism (CTPAT). The purpose of CTPAT is to partner with the trade community for the purpose of securing the U.S. and international supply chains from possible intrusion by terrorist organizations.

Theft/robbery/hijack: This has been noted above. However, ever since the early days of piracy on the high seas and bandits on dirt roads, this is the most direct and easiest way to negatively impact the supply chain. These attacks include such impacts as:

  • Theft of the truck/container by stealing the truck keys
  • Providing false delivery instructions to the driver
  • Hijacking the vehicle/ship (e.g., piracy), and
  • Violence and extortion against drivers, warehouse operators and security personnel.

Protecting Your Supply Chain

There are multiple actions shipping companies and operators need to take to protect goods in transit. These actions range from simple approaches such as locking and sealing the container door to more elaborate cyber-defense actions. Here are some suggestions gathered from resources reviewed for this article:

Physical Security

  • Establish a secure perimeter, including walls, roof, fences and doors.
  • Tighten security at all shipping and receiving points.
  • Closely watch for suspicious activity, e.g., loitering trucks and people.
  • Ensure all warehouse doors and windows are equipped with locks and they are secured when not guarded.
  • Place adequate lighting in the yard around the warehouse/truck stop and inside buildings. Avoid dark areas and shadows where individuals can hide.
  • Install and monitor security cameras in warehouses and sensitive parking areas.
  • Consider installing alarm systems for unguarded doors and security cages, and
  • Use locked, hard-sided trailers for high-value shipments and storage.

Personnel Security

  • Ensure any unescorted personnel have valid credentials on their person and a background check has been completed (e.g., Transportation Worker Identification Card (TWIC), 
  • Install access control systems on doors and security cages. Consider issuing key cards for access control—these are difficult to copy and can be readily turned off, and
  • Ensure terminated personnel are not allowed on premises or permitted to access company computer resources following their release.


  • Implement a secure computer and operational technology (OT) architecture, including management-level procedures and policies, firewalls, account management, security updates and malware prevention.
  • Operate a “least-privileged” principle where information and access to data is limited to a need-to-know basis.
  • Employ a removable device policy with requirements that all USB drives are encrypted and tested for viruses before being used.
  • Vet your third-party IT and OT providers to ensure they are not a threat to your cybersecurity.
  • Frequently conduct cybersecurity assessments to ensure the system is adequately secure, and
  • Train your personnel on cybersecurity hygiene and incident response.

Administrative Security

  • Design, develop, and promulgate security policies and procedures for your supply chain operation.
  • Train security staff and full-time employees on security procedures and protocols, and
  • Share your security experiences with law enforcement, Customs and Border Protection, TSA and other shipping/handling companies.

Conclusion—Or Is it?

This article simply scratches the surface of the subject of supply-chain security. There are multiple threats to the supply chain from beginning to end, from raw-materials mining all the way to the ultimate customer.

The threats can come from an insider to a greedy government official to a terrorist. There appear to be multiple resources on this subject and the reader—especially the shipping company executive, ship captain and seaport manager—should take time to pay attention to these changes.

Learning from the U.S. Coast Guard, Customs and Border Protection, the TSA, your insurance company and physical and cybersecurity consultants will go a long way to protect your employees, your assets and our customers’ goods in transit.

For more information, or if you have any questions on cyber/physical security issues, contact columnist Ernie Hayden at ernie@443consulting.com.  

Ernie Hayden, MIPM CISSP GICSP (Gold) PSP, is an industrial control systems cyber and physical security subject matter expert. He has extensive experience in industrial controls security, the power utility industry, critical infrastructure protection/information security, cybercrime and cyberwarfare. His email is ernie@erniehayden.com.