This risk isn’t purely theoretical, a number of worrying cases illustrating the convergence of physical and cyber security have occurred over the past few years. In Belgium, for example, a drug smuggling group took advantage of poor physical security at port facilities in Antwerp to install software that allowed them to track incoming cocaine-laden containers after their remote hacking of port management systems was exposed. This case demonstrates how some cybersecurity measures are only as good as their accompanying physical security measures. In the United States, fictitious pickups of cargo shipments involving criminals who have stolen the identity of trucking companies – typically with the use of phishing emails – have become increasingly common. Cargo theft and drug trafficking are dirty, dangerous businesses, so who can blame criminals for using technology to make their work a little less dirty and dangerous?
For most companies, however, the problem is more prosaic than hackers breaking into company networks. Employees often lack awareness of how physical security vulnerabilities can cause headaches on the cybersecurity side as well, and IT security teams often don’t work as closely as they should with groups responsible for physical security. A little training on how to recognize obvious phishing attempts and IT security training for warehouse and other supply chain employees can go a long way towards securing company information. Similarly, IT professionals should receive basic physical security training to gain an understanding of how physical layers of security can aid cybersecurity efforts.