Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains

Global container ports can be seen as the biggest supermarkets in the world, jam-packed with containers filled with highly desirable products of almost every description.

If you’re in any way connected to the world of supply chain, you know this to be true. And, in a world with very few secrets any more in terms of security, organized crime groups (OCGs) know this, too. This is why ports are often at the heart of supply chains for illicit goods and are a prosperous hunting ground for the perpetrators of cargo thefts.

joint analysis report published in May 2023 by Europol and the Security Steering Committee of the ports of Antwerp, Hamburg/Bremerhaven, and Rotterdam, described the infiltration of ports by organised crime groups as “a major threat for the legitimate economy and security of the EU”—and it’s easy to understand why. 

Europe’s biggest ports process an estimated 3.5 billion tonnes of legal trade annually, with containerized goods accounting for 25 percent of goods handled—the equivalent of 98 million containers a year. Due to the enormity of their operations, however, port authorities are only able to inspect between 2 and 10 percent of the containers in their operational environments. This poses a significant security challenge that the supply chain industry recognizes, and so too do the crooks.

Europol’s objective in producing its report on Criminal Networks in EU Ports: Risks & Challenges for Law Enforcement is to raise awareness among private and public authorities, to encourage EU-wide information exchange, and to provide recommendations to develop a European approach to countering OCG activity.

A more specific objective is to tackle the modus operandi criminal networks increasingly use to misappropriate container reference codes—the codes port handlers assign cargo containers to identify and track them. To obtain a container at a port, individuals need identification that authorizes them to be there, appropriate paperwork to acquire the container, and the container code.

These numbers are typically only shared with port handlers, owners of cargo containers, logistics personnel, and drivers who transport the containers. But uropol estimates that misappropriated container codes have helped facilitate the trafficking of hundreds of tonnes of drugs and increases risks to legitimate cargo if organized criminals are able to extract containers using the same methodology.

Changing Tactics

In many respects, the most valuable commodity inside ports is not product-based—it is information based. When we look at cargo crime in the Europe, Middle East, and Africa (EMEA) region and, indeed, globally, we see fewer and fewer thefts from what we typically classify as a facility. Facilities would include container ports, airports, logistics warehouses, and distribution centers. This is because the number of people and the level of security monitoring technology in these locations are larger and better than ever before, and because criminals no longer feel they need to take the added risk of targeting facilities.

This is why, in EMEA at least, 85-90 percent of cargo losses involve criminal attacks targeting goods onboard trucks. Goods may have arrived at a port, but the greatest risk occurs when they leave its protected environment. Why should criminals take the risk of trying to penetrate the security of a busy seaport when they can simply wait and target a truck carrying a high value load on a quiet road or while the driver is taking a rest break in an unsecured parking place? In many cases, only one person (the driver) stands between the load and the loss, and the vulnerability of drivers has never been greater.

The information OCGs can obtain from people working inside ports is what can help identify the best trucks and loads to target. Often, OCGs will have their own people on the inside. Europol says criminal networks have infiltrated ports on all continents.

OCG members, Europol explains, insert themselves into the community of personnel active in port-related activities. They may do this by gaining access to the social network directly, through sport or leisure activities, or take up employment in the port to make contact with port workers on the job or in training sessions. Once the contact has been established, they grow the network of insiders and strengthen their infiltration using corruption and intimidation.  

That said, crime groups are increasingly looking to use a modus operandi (M.O.) that requires the corruption of as few individuals as possible. This is why the misappropriation of container reference codes—or so-called PIN code fraud—which the importer, their representative, or transporter can use to pick up a container from the destination terminal—is so appealing to criminals. It requires the corruption of just one individual, along with either the corruption or a Trojan horse style infiltration of extraction teams, who are then paid between 7 percent and 15 percent of the value of the illegal shipment. Bribery fees may reach hundreds of thousands of euros. The highest fees are paid to essential links in the extraction chain, often crane operators, planners, or employees providing access to information via IT systems.

Cybercrime and hacking into port information systems will lessen the need for “boots on the ground” even more if essential intelligence and the release of containers can be achieved remotely. Higher levels of automation in ports and increasing digitalization of cargo handling procedures may well serve to accelerate this risk given the vulnerability of our connected world.

The Europol report says the M.O. of misappropriation of container reference codes “reflects how criminal networks continuously look for loopholes in port procedures and gaps in security.”

Europol adds that: “One of the most effective measures to close loopholes/gaps in the logistics process is the principle of access to data and data systems on a need-to-know basis. Logistics companies limiting access to container reference codes has already proven to be an effective solution against this M.O.”

Based on loss data I see in our claims on transport losses on a global level, the risk mentioned above does not only happen in EU ports. Criminals use the same M.O. and build up their business on normal trade lanes and commodities.

For companies, cargo crime—whether this is products stolen from a port, a warehouse, or a truck—can be a costly business. Yes, the stolen goods will almost certainly be insured, but what of the broader ramifications? For many stolen cargoes, the true cost of loss can be five to seven times the value of the goods lost. An even bigger cost is the damage to a company’s reputation and client relationships when it fails to deliver as planned and fulfil its contractual obligations.

Beside Zurich Insurance data, I also have access as a member of the Transported Asset Protection Association (TAPA) in the EMEA region to a cargo crime database of nearly 70,000 product thefts across 99 countries in our region. Less than 40 percent of these crimes shared any loss value. For those that did, the combined value of their losses is close to €1.5 billion ($1.6 billion USD). Now multiply that with the factor stated above and you know why supply chain security is an important aspect of corporate security for a company.

The TAPA EMEA data provides insight into M.O., risk areas, and preferred stolen items, and the membership provides me access to a world of supply chain security experts and law enforcement contacts—as well as their global and specific regional standards to reduce theft from the supply chain.

The ASIS Supply Chain and Transportation Security Committee is a group of supply chain specialists that are working together to share experience and expertise and support members with standards and training to raise awareness. For instance, with its Supply Chain Security Certificate Program, webinars, and the ASIS Supply Chain Risk Management standard that is currently under revision.

Increased awareness of risks in the supply chain can be a vital part for companies to achieve their goals. TAPA and the ASIS Supply Chain and Transportation Security Committee complement each other in the overall framework of supply chain security.

The need to consider the wider impact of cargo crime has never been greater given the heightened global demand for supply chain resilience raised during and since the COVID-19 pandemic. One particular incident made this clear. In early 2022, when bicycle sales were rising, an OCG stole 10,000 bicycle parts from a truck at a motorway service in Germany. This was the first time the Czech bicycle manufacturer was the victim of such a theft. Following the incident, the manufacturer took the initiative to use the experience as a warning to others of the risk of cargo thefts outside of ports.

In a statement to TAPA, the bicycle manufacturer’s supply chain director said the situation for bicycle producers is difficult.

“On the one side we are dealing with huge demand, but on the other side there is an even bigger shortage of components, caused by many factors,” the director explained. “From the consignment loaded mostly with expensive e-bike and bike parts, only nine boxes of low-end components were left in the truck. This will delay production of some models by almost a year, as there is no alternative on the market for many of the parts from this shipment. We are a strong and stable company, so this is just another obstacle out of many we are facing in the last years, but would this happen to smaller manufacturers, it would be liquidating for them. We really haven’t seen this situation before. We hope that due to the shortage of parts, these cases will not be repeated, because despite all the measures we have set up, no insurance cover can compensate us for the loss and, especially, the reputation for late delivery.”

This is a reality no company ever wishes to face.   

Björn Hartong, CPP, MBA, is the global head of RE Marine, Security, and Supply Chain at Zurich Resilience Solutions, Zurich Insurance. He is also a board member of the Transported Asset Protection Association EMEA and a member of the ASIS International Supply Chain and Transportation Security Committee.

Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains
Changing Tactics: Cargo Thieves Zero in on Information from Supply Chains