Hackers are infiltrating trucking and freight companies to hijack cargo, with cybercriminals working alongside organised crime groups to steal goods that are then sold online or shipped overseas, according to new research from Proofpoint.

The Sunnyvale, California-based cyber security firm said it has “high confidence” in the collaboration between hackers and crime rings, warning that the campaign could cost companies and consumers billions. In news first reported by Bloomberg, researchers identified nearly two dozen operations in the past two months, targeting trucking carriers and freight brokers with tools that grant remote access to corporate networks.

“This is a full-scale supply chain threat,” said Selena Larson, senior threat intelligence analyst at Proofpoint. “It has this sort of ripple effect across the entire ecosystem, from the ships that deliver them to the ports, that get picked up by the truckers, that get sent to businesses, and then ultimately onto consumers.”

The methodology relies heavily on social engineering and industry know-how, allowing attackers to pass as insiders and exploit systems designed to streamline logistics. One tactic involves compromising load boards, the marketplaces used to match carriers with shipments, and sending emails that mimic trusted brokers with malicious links disguised as onboarding documents.

“There’s a huge sense of urgency to get loads, and dispatchers — the ones who are usually trying to get the loads for the companies — they’re willing to throw caution to the wind if it means they might be able to get a load,” said Ole Villadsen, threat researcher and co-author of the report. In one case on 10 July, a carrier responding to a fraudulent posting received an email that linked to an “online setup packet” which was malicious, the research said.

Proofpoint’s team first identified a criminal group targeting cargo firms in 2024 and has since found evidence of at least three distinct groups employing similar tactics. The most targeted commodities are food and beverages, with Larson noting that energy drinks are often shipped overseas where some brands are banned or restricted.

Cargo theft losses increased by 27 per cent in 2024 and are projected to rise another 22 per cent in 2025, according to the National Insurance Crime Bureau, which estimates annual losses at $35 billion. While the attacks highlighted are centred on North America, the researchers said the problem is global, with indications some actors could be operating from Russia or Eastern Europe.

“The entire criminal chain of these cargo attacks represents a marriage of cybercrime and organised crime,” Villadsen said. He added that countering the trend requires “a lot of effort on law enforcement, on businesses, on the end user” to tackle the issue collectively.

---