Cyberthreats surge against US logistics infrastructure

Fraud Watch also salutes a detective fighting cargo theft in Philly. The post Cyberthreats surge against US logistics infrastructure appeared first on FreightWaves.

May 8, 2025 - 22:11

Cybersecurity provider Trellix recently released its April “CyberThreat Report” revealing an alarming rise in cyberattacks targeting critical U.S. infrastructure, with the freight and logistics sectors now in the crosshairs of nation-state actors and sophisticated ransomware groups.

Between October 2024 and March 2025, the U.S. saw a 136% increase in Advanced Persistent Threat (APT) activity. APTs are prolonged, targeted cyberattacks in which an intruder gains unauthorized access to a network and remains undetected for an extended period.

Of particular concern is the role of APT29, also known as Midnight Blizzard, a well-documented cyber espionage group linked to the Russian Foreign Intelligence Service. Known for its stealthy, high-level campaigns, APT29 specializes in long-term intrusions that exfiltrate sensitive data without immediate detection.

Trellix researchers report that 55% of APT29’s observed activity in this period specifically targeted the transportation and shipping sectors, signaling a coordinated focus on disrupting or surveilling supply chain operations. For logistics professionals, this suggests that state-sponsored actors are probing for weaknesses not just in physical infrastructure, but also in the digital ecosystems that support freight visibility, scheduling and warehouse management.

Meanwhile, ransomware continues to plague U.S. organizations, with 58% of all global ransomware-related posts traced back to U.S.-based attacks. This reflects an environment where financially motivated criminal groups are increasingly exploiting known and zero-day vulnerabilities, bypassing phishing emails in favor of more direct and technical exploits.

What’s more troubling is the evolution in attacker methods. Rather than relying on suspicious email attachments, cybercriminals are now favoring fileless malware, which hides in memory, and using legitimate Windows tools to execute attacks, making them harder to detect with traditional antivirus solutions.

Learn more about these cybersecurity threats in the Trellix report.
