Cybersecurity for trucking and logistics in northern Alberta.

Dispatch-system compromise is the highest-impact attack pattern we see in this sector. An attacker phishes a dispatcher, takes the credentials, and now has full visibility into upcoming loads, customer relationships, rate confirmations, and driver assignments. From there the variations branch out: redirecting a load to a fraudulent pickup, issuing false rate confirmations to other carriers under your authority, or simply sitting quietly and gathering data for the next round. Cargo-theft groups have been working this pattern for years and it is getting more sophisticated.

Vendor banking-change fraud is the second category, and it hits carriers in two directions. On the receivables side, an attacker compromises a broker's mailbox, intercepts remittance instructions, and swaps in their own banking details before they reach you. On the payables side, a compromised mailbox at one of your vendors sends you updated banking details for fuel cards, tires, insurance, or maintenance — and you pay the wrong account. Recovery rates are below 10% once the funds move.

The ELD ecosystem is a quieter but real risk surface. Most fleets use one of a handful of ELD platforms, and the credentials are often shared across dispatch, safety, and management. Vulnerabilities in fleet-management software have been disclosed and exploited. Where ELD data feeds compliance reporting, the integrity of that data is your defence in an audit or a litigation scenario.

Ransomware against trucking is timed for maximum leverage — early in the week when loads are committed, or right before a quarterly tax or NSC deadline. The cost of a one-week dispatch outage is rarely just the ransom. It is the lost loads, the broken customer relationships, and the audit risk on incomplete recordkeeping.

Three structural reasons. First, trucking sits at the centre of a supply chain where physical goods, payment flows, and identity all converge — meaning a single compromised account can be monetized in multiple ways at once. Second, most carriers are operationally tight on cybersecurity budget — the owner-operator and small-fleet end of the market is still on consumer-grade IT, and even mid-size fleets often have one in-house generalist handling everything. Third, the deadline pressure on dispatch makes social engineering disproportionately effective — “the rate confirmation needs to be re-sent in the next 15 minutes” bypasses normal scrutiny.

We start with the Microsoft 365 tenant and the dispatch-system access layer. Enforced MFA on every account that touches dispatch, conditional access policies tied to office IP and known driver tablets, legacy authentication blocked, and mailbox auditing enabled. We help write a banking-change verification procedure that the bookkeeper actually follows — two-minute call to a known number before any EFT change moves.

Managed EDR (Huntress) goes on the office workstations, dispatch terminals, laptops, and any driver tablets that run a full Windows or macOS stack. Cloud backup runs separately from the M365 retention so a ransomware event does not take dispatch history with it. For Tier 2+ engagements, we audit and document your dispatch and ELD vendor security configuration — MFA enabled at the vendor side, IP restrictions, role-based access, and clean offboarding when dispatchers move on.

On the recordkeeping side, we make sure ELD records, hours-of-service documentation, equipment inspections, fuel and tax records, and customer contracts are backed up to immutable cloud storage with retention periods that match CCMTA / NSC requirements. We do not write your safety program. We just make sure the cybersecurity side does not become the reason you fail an audit or lose a defence in litigation.