GoKawiilCyber operations have grown to become a major component of cargo theft over the past four years, with transnational cybercriminal groups increasingly using phishing, impersonation, and remote compromise to hijack goods during transport.
The FBI has warned that cargo theft losses in the US and Canada jumped 60%, to an estimated $725 million in 2025, as criminals adopted a cyber-enabled playbook for compromising brokers, carriers, and shippers — using that access to conduct a variety of illegal schemes. Often threat actors will use impersonation to pose as a broker and phishing with links to malicious sites to steal credentials and install malware. In other cases, they will create fake online orders for shipping cargo, while fraudulently bidding on real loads, the FBI stated.
Cyber-enabled cargo theft — often called strategic cargo theft, because the criminals operate more like businesses than smash-and-grab cargo thieves — leads to cargo shippers and transporters willingly giving their cargo to criminals, says Keith Lewis, vice president of operations at Verisk Cargonet, a transportation-industry threat-intelligence service.
Related:Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
"The bad guys are good at a few different things: one is return on investment, two is they know our business better than we do, and three is the innovation," he says. "We can come up with four or five different stop-gaps for [the current schemes], and they'll come up with four or five different workarounds. There's just no silver bullet."
The FBI's April 30 threat notice to the transportation industry highlights the changes in cargo-related crime. Enabled by technology and compromised logistics systems, cargo theft has moved beyond local criminal groups and become a favored strategy of transnational criminal groups, because they can conduct the fraud from overseas, including compromising remote monitoring and management (RMM) systems and spoofing global positioning systems to make missing cargo harder to locate.
With a compromised broker account, a cybercriminal has a variety of options for cargo theft. Source: FBI's I3C
Overall, cybercriminals are constantly finding ways to exploit vulnerabilities in the information systems that manage the physical supply chain, David Glawe, president and CEO of the National Insurance Crime Bureau, said during his July 2025 testimony before the US Senate Committee on the Judiciary.
"While most cargo thefts historically occurred at warehouses or distribution centers, strategic cargo thefts can happen at any vulnerable point in the supply chain," he said. "Criminals can operate under the guise of being a legitimate carrier in order to gain possession of cargo or steal another carrier's identity to bid on shipments they later divert away from their intended destination."
Related:Claude Mythos Fears Startle Japan's Financial Services Sector
... continue reading