Cyber criminals targeting logistics sector

A March 2026 ransomware attack on the Namibian Airports Company (NAC) is one of the latest in a growing list of regional logistics companies affected by cybercrime. NAC issued a statement saying, “preliminary assessments indicate that the data set includes airport permit system files, parking management databases, engineering and project documents, financial records and certain internal reports”. Interpol reports that two-thirds of African member countries report that cyber-related offences account for a medium-to-high share of all crimes. The latest Interpol statistics show that ransomware detections in Africa rose in 2024, with South Africa and Egypt suffering the highest number, at 17 849 and 12 281, respectively, according to data from Trend Micro, followed by other highly digitised economies such as Nigeria (3 459) and Kenya (3 030). Trend Micro predicts that in 2026 ransomware will become fully AI-driven, accelerating the speed at which vulnerabilities are scanned and exploited. Cyber criminals are also targeting cargo. “Phishing, social engineering and system intrusions are being used to intercept digital load data, manipulate dispatch instructions and exploit weak cyber controls within logistics platforms,” says Natalie Cooper, senior marine and aviation broker at Aon South Africa. “Effectively addressing cargo theft in South Africa requires a shift away from isolated or purely physical controls towards an integrated, intelligence-led and technology-enabled approach,” she writes. “Traditional mitigation strategies, often focused on documentation checks or basic tracking, are no longer sufficient against syndicates that combine insider knowledge, cyber intrusion and physical force,” she adds. “Organised crime is increasingly hybridising tactics. Intelligence indicates that syndicates are using cyber reconnaissance to compromise shipment schedules, GPS tracking platforms or payment systems – sometimes coordinating attacks through Telegram or dark web marketplaces,” reports NSA South Africa. Ports of entry are being targeted, with significant knock-on effects. The 2021 delays due to ransomware that suspended Transnet operations, coupled with operational port and rail inefficiencies, cost coal, chrome, manganese and iron ore producers up to R50 billion in export earnings over 12 months, the Minerals Council estimated. Attacks continue, with criminals exploiting maritime single windows, according to the International Maritime Organization (IMO). In March 2026, the IMO facilitation committee warned that, as digitisation increased, so did cyber threats that could cause operational, safety or security failures. To address this, the FAL Committee has approved amendments to the Annex of the Convention on Facilitation of International Maritime Traffic, 1965 (FAL Convention). These amendments require contracting governments to implement mandatory cybersecurity measures to protect maritime single windows, in line with national legislation. ER