Executive Summary                                                                                                                                                                                        

Cargo theft is enabled by strategically planned upstream fraud schemes (UFS), not solely by physical theft at intermodal facilities. This paper examines the origins of supply chain risk—within digital systems, insider access points, and identity fraud— and offers recommendations for prevention.

Key Findings

• An increasing share of cargo theft is driven by cyber‑enabled methods and identity theft
• Intermodal facilities are often the points of discovery, not the genesis
• Underreporting conceals the scale of the impact
• Fragmented ownership creates systemic weaknesses

The Shift: From Intermodal to Upstream Risk

When semi-trailers and railcars arrive with broken seals, pilfered loads, and empty containers, it seems obvious to view intermodal facilities (IMDLs) as the epicenter of cargo theft. However, recent data suggests that complex planning sets the crime in motion well in advance of theft becoming transparent at the IMDL.

Industry research shows strategic theft, which begins further up the supply line, is emerging as a primary driver of cargo theft rather than the physical theft event itself (American Transportation Research Institute [ATRI], 2025). According to the National Insurance Crime Bureau (NICB), well before the IMDL, members of transnational criminal organizations (TCOs) conduct fraud schemes (such as digitally enabled diversion, identity fraud, and engage complicit insiders) to infiltrate supply chains (NICB, 2025). These risk factors affect shipping, receiving, security, and transportation operations.

Embracing this shift allows supply chain stakeholders to more effectively allocate risk management resources to upstream fraud schemes (UFS), moving the focus away from IMDL where the loss is more transparent.

Losses due to strategic theft spring from TCOs moving in-demand, easily fenced items by running well-structured cartels. Members create phantom pickups, fake transfers, and falsified documents to appear as legitimate carriers (NICB, n.d.). Using these techniques, sophisticated criminal groups divert intermodal freight with high-value goods (HVGs), such as prescription drugs, precious metals, clothing and shoes, alcohol and tobacco, and electronic devices (NICB, n.d.; FBI, n.d.-b). With the help of credential-based infiltration fraud and logistics manipulation, criminals then move the goods through secondary distribution networks to generate profit.

In addition to providing perspective on current theft trends and background on UFS, this paper:

• identifies UFS across four supply chain domains—shipping, receiving, security, and transportation—prior to loss at the IMDL,
• offers practical suggestions to mitigate the impact of the UFS without creating a drag on freight velocity, and
• reviews recent regulatory developments.

2026 Cargo Theft Outlook

Given the intense focus on intercepting cargo theft in recent years, one would expect a favorable trend. However, experts indicate that negative cargo theft trends observed in 2025 are likely to persist into 2026 (American Trucking Associations [ATA], 2025).

Recent data underscores how quickly the threat is evolving. CargoNet reports that estimated cargo theft losses surged to nearly $725 million in 2025, representing roughly a 60% increase in total loss value compared with 2024 (CargoNet, 2026). The rising average loss per event, driven by targeted theft of high‑value freight, indicates that criminal groups are becoming more selective in choosing loads. At the same time, incident frequency and geographic spread continue to expand across U.S. regions, reflecting adaptive operations that exploit multiple modes, brokers, and handoffs (CargoNet, 2026).

Additional, and substantial, issues are the lack of a centralized reporting platform and inconsistencies in how incidents are recorded. Though there is no precise data tracking of how much cargo theft goes unreported, research suggests increased sharing of data among insurers and law enforcement will help provide a more accurate picture (NICB, 2025). Several industry focused articles discuss that many business owners feel discouraged by the lack of recovery on missing cargo and lack of legal deterrence.

Upstream Operations: How and Where Theft Begins

Advances in technology have made account takeovers markedly easier for coordinated theft operators and TCOs. Exploiting shipment data, tracking systems, and predictable freight patterns, they identify and intercept high-value loads. Insider involvement and identity fraud are recurring components of these schemes as well.

One of the common avenues to access shipment data used by criminals is via scam communications. Even experienced employees and executives can struggle to identify phishing emails and VoIP-based social engineering. Furthermore, outdated platforms within Transportation Management Systems (TMS) and Warehouse Management Systems (WMS) can introduce access and security gaps. These vulnerabilities allow bad actors to alter pickup and delivery details, redirect shipments, or insert unauthorized drivers—often without detection until the load is gone.

Because criminals’ schemes are more often bridging digital intrusion with physical theft, maneuvers of this kind require both technical capability and coordination. Actors skilled in credential harvesting and system intrusion work in concert with insiders and field crews to execute thefts in transit.

Using these methods upstream to gain detailed systemic knowledge exacerbates risk downstream in intermodal environments, where freight transitions across modes, locations, and operators, often in repetitive ways. Ports, rail yards, and transfer facilities inherently increase handoffs and reduce continuity of oversight, making them attractive targets for organized theft (Intermodal Association of North America [IANA], 2025; U.S. Department of Transportation [DOT], 2025a).

Law enforcement and industry reporting indicate that cargo theft is now substantially cyber-enabled, with criminals increasing their use of credential theft, account compromise, and other plots to facilitate load diversion, requiring comparable technological capability to detect and disrupt fraud (Federal Bureau of Investigation [FBI], n.d.-b; National Insurance Crime Bureau [NICB], 2025). For TCOs, predictable patterns, telematics data, and open-source intelligence provide the visibility needed to track shipments.

Law enforcement agencies continue to further develop analytical and investigative capabilities to detect and intercept these coordinated operations (FBI, n.d.-b). Currently, federal agencies and industry partners rely on intelligence sharing, trend analysis, and multi-agency task forces to address these schemes. This necessitates better data, coordinated enforcement, and proactive working relationships with private-sector stakeholders (Department of Homeland Security [DHS], 2023).

Fully understanding these threat scenarios and building a secure transnational supply chain requires all stakeholders to examine four primary risk domains:

• Shipping
• Receiving
• Security
• Transportation

FOUR PRIMARY RISK DOMAINS

Risk Domain I: Shipping

Shippers and brokers play a central role in shaping supply chain security, with risk often introduced—or mitigated—at carrier selection. Shippers may unwittingly create the first tiny fissure through which criminals can slide into the supply chain. Often, seemingly innocuous communications between unknown parties are points of entry. As described by the Cybersecurity and Infrastructure Security Agency (CISA), outdated or poorly secured enterprise systems, when operated with weak authentication and insufficient access controls, significantly increase exposure to cyber intrusions (CISA, n.d.; NICB, 2025).

Supply chain intrusions commonly begin with social engineering tactics, particularly phishing emails that appear to originate from trusted partners. These attacks enable credential compromise and unauthorized access to logistics systems, allowing criminals to manipulate shipment data and facilitate cargo theft. Because supply chains rely on interconnected and trusted entities, even small security lapses can create entry points for broader system compromise.

At the same time, global connectivity and digital freight matching make it difficult to fully know every player in a supply chain. Fragmented visibility and fast-moving transactions create exploitable gaps—especially where trust is assumed rather than verified. Moving toward a more controlled, trusted carrier network, built on verified credentials and performance history, can materially reduce exposure, even if it cannot eliminate risk entirely.

While all shippers have processes for verifying equipment and validating drivers, familiarity and informal relationships may result in lax procedures. Equipped with this knowledge, malicious insiders exploit these openings to alter the information onsite or connect with hackers on the other side of the world. Computer experts within TCOs exploit gaps and weak patches between aging tech systems, and surreptitiously change tenders, bookings, and dispatch assignments. By surveilling current trends of HVGs, criminal rings can infer which carriers will most likely move the targeted merchandise and materials.

Taken together, these dynamics point toward a clear conclusion: reducing risk is not the result of a single control, but of layered discipline. It starts with knowing with whom you are doing business, is reinforced through rigorous verification, and must be sustained through heightened awareness in the environments where freight is most exposed.

Shipping Risk Solutions:

Thorough vetting and identity proofing remain among the most effective controls against modern freight fraud schemes. Industry and regulatory guidance emphasize validating credentials, confirming operating authority, and enforcing disciplined onboarding processes, particularly as recent schemes rely on impersonation, identity theft, and fraudulent brokerage activity (American Transportation Research Institute [ATRI], 2025; U.S. Department of Transportation [DOT], 2025a; Federal Motor Carrier Safety Administration [FMCSA], 2025b). Tougher pick‑up and release practices further improve outcomes by making it harder for impostor carriers and brokers to access freight.

To set the stage for a successful transfer of valuable cartage, industry experts recommend:

• Installing cameras that deliver full coverage of the ingress and egress gates, lots, and dock area
• Closely check carrier licenses and driver credentials, equipment, and vehicle data
• Implement two-factor authentication
• Only use a preferred carrier list
• Engage a flagging method for hot commodities to prompt high security seals
• Reduce sitting time for containers with HVGs
• Consistently retrain team members to reinforce proper protocols

 

RISK DOMAIN II: RECEIVING

The second area of concern is receiving docks. Depending on the perspective, these are either facilitators of crime or ground zero of discovery. A macro view exposes the truth that somewhere in the supply chain, there is always a leak.

Unhappy employees with a need for quick cash are sometimes willing to look the other way or overtly enable theft. Overtaxed employees may mistakenly waive through a truck with forged paperwork due to lack of time and resources to carefully examine documents.

Because a high number of seals break in transit, law enforcement and inspectors may interpret the next broken seal as a routine exception rather than a signal of theft. Loads that appear to meet legal criteria may slip through outdated systems without detection. Frequently, containers do not arrive at the intended destination, or may show up with a pilfered, partially full, or an empty trailer.

Understanding the intersection of potential human vulnerability and the substantial opportunities at the receiving dock are key to reducing prospects for TCOs.

Receiving risk solutions:

To effectively prevent bulk theft at the receiving dock:

• Practice rigorous auditing of the carrier, driver, and equipment
• Check authentication of numbers and signage on cabs and trailers
• Photograph license plates, IDs, seal numbers, and door conditions
• Respond to every anomaly as an actual threat event

 

RISK DOMAIN III: SECURITY

Fragmented Ownership

Within freight networks, security governance is distributed across maritime carriers, railroads and terminals, drayage carriers, and even intermodal marketing companies. As commodities move through the chain, ownership changes hands multiple times, leaving each party responsible for a segment. This makes end-to-end oversight extremely difficult.

Security risk solutions:

Accurately assessing risk levels in each segment of the lane is key:

• Designate a single owner suitably matched to each lane’s level of risk
• Identify:
  • how that lane and its location impacts stakeholders,
  • how it uses intermodal transport, and
  • which facilities are in its path.
• Use current intelligence, not past practices, to regularly alter routes, change contracts, and leverage controls

 

RISK DOMAIN IV: TRANSPORTATION

As previously mentioned, carrier corroboration and identity confirmation are core risk mitigation strategies in addressing cargo theft and fraud. Industry research emphasizes the importance of thoroughly validating carrier credentials and implementing secure onboarding processes, noting that schemes frequently involve identity theft and double brokering to impersonate legitimate carriers (ATRI, 2025).

At the same time, the complexity of modern, multimodal supply chains makes it difficult to maintain full visibility of all participants. Intermodal freight environments—particularly transfer points such as rail yards, ports, and truck-rail facilities—introduce additional vulnerabilities due to the number of handoffs and connections involved, making these nodes attractive targets for organized theft (DOT, 2025a). Drayage, dwell time, and routes also open the door for intermodal losses. Relying on spot drayage, unknown or inadequately vetted brokers, and public load boards can clear the way for carrier cloning. When containers are left unattended or rarely inspected for several days, the risks multiply rapidly.

Strengthening controls through substantiated carrier networks and heightened scrutiny of high-risk intermodal functions can considerably reduce exposure to cargo theft.

Transportation risk solutions:

One of the most effective ways to reduce transportation risk is to thoroughly clear and continuously monitor motor carriers, a practice emphasized in recent research and guidance from the American Transportation Research Institute (ATRI, 2025) and the U.S. Department of Transportation, Federal Motor Carrier Safety Administration (2025b). It can be challenging in an era of global technology and commerce to know all the players in a given supply chain. Suggestions to overcome this involve:

• Working towarda known network of transporters who hold pre-screened credentials
• Only using compliant dray carriers in risky intermodal nodes
• Establishing andcommitting to stronger onboarding and monitoring of carriers and related personnel

Recent Regulatory Developments

In response to the rapidly shifting and complex climate of cargo theft, lawmakers have introduced several new federal bills:

• Securing American Freight, Enforcement, and Reliability in Transport Act (SAFER Transport Act)
• Combating Organized Retail Crime Act (CORCA)
• Cargo Security Innovation Act (in early stages of legislative process)
• Safeguarding Our Supply Chains Act

SAFER Transport Act

Senator Todd Young of Indiana introduced the SAFER Transport Act in February 2026. The main objective is to strengthen federal efforts to prevent, detect, and penalize freight fraud and cargo theft in supply chains (Young, 2026). Key provisions will:

• Tighten up motor carrier registration standards and close gaps in registration data
• Improve synchronization between the Department of Transportation and the Department of Justice as it relates to freight fraud and cargo theft enforcement
• Increase accountability for fraud schemes that facilitate cargo theft
• Toughen oversight of Commercial Driver’s Licenses and driver training safety to reduce risk

CORCA

Backed by the ATA, the Combating Organized Retail Crime Act (CORCA) addresses both organized retail theft and supply chain cargo theft (U.S. Congress, 2025a; ATA, 2026) and effectively brings cargo, rail, organized retail, and online fencing under one umbrella strategy. Having advanced through committee, it is positioned for broader congressional consideration. Key provisions (U.S. Senate Committee on the Judiciary, 2025) will:

• Establish the Organized Retail and Supply Chain Crime Coordination Center
• Enhance coordination and support between law enforcement and public-private partners (U.S. Senate Committee on the Judiciary, 2025)
• Update current federal statutes to strengthen law enforcement tools to expand forfeiture and money laundering authorities
• Enable aggregation of repeated thefts

Cargo Security Innovation Act

Senators Marsha Blackburn and Amy Klobuchar introduced the Cargo Security Innovation Act (S. 3376) in December 2025. The goal is to support law enforcement and operators at intermodal hubs with the latest resources to fight cargo theft (U.S. Congress, 2025b). If passed, the law would focus on technology to prevent and discourage criminal activity at high risk IMDLs. Key provisions will:

• Build a Transportation Security Administration pilot program to install the latest security technologies at IMDLs
• Require an evaluation of effectiveness of these technologies and report to Congress

Safeguarding Our Supply Chains Act

Introduced in 2024 by Representative David Valadao, the Safeguarding Our Supply Chains Act “aims to improve coordination and find solutions to stopping theft within national supply chains” (Valadao, n.d.). If approved, it will create a more coordinated federal response to supply chain crimes throughout rail, motor carrier, and IMDL networks. This bill complements CORCA but is framed more specifically around cargo theft and supply chain fraud across transportation modes, whereas CORCA centers on organized retail crime and related supply chain offenses. Key provisions of Safeguarding Our Supply Chains Act

• Establish a Supply Chain Crime Coordination Center housed under the Department of Homeland Security and Homeland Security investigations (HSI)
• Form a Supply Chain and Theft Task Force under the leadership of the HSI and FBI that includes relevant agencies
• Require an initial report to Congress within 180 days of enactment and annual reporting thereafter on the task force’s effectiveness to detect, disrupt and deter organized theft cells in all nodes of supply chains

Collectively, these proposed works of legislation will allow more effective and sustainable responses to coordinated cargo and retail theft activity by:

• Expanding and coordinating enterprise focused enforcement
• Synchronizing data collection of cargo theft and fraud throughout supply chains
• Creating stronger gatekeeping measures for carriers
• Triggering deterrence with stiffer penalties

Hotspots vs. Epicenter

The best strategy to head off cargo theft is to adjust the mindset away from intermodal lots as the epicenter. Indisputably, intermodal yards, terminals, and adjacent areas need strong physical and procedural security. Yet, fences, cameras, gates, locks, and patrols are only one set of tools.

A single epicenter does not exist in supply chain disruption. Every node is a potential hotspot. Companies that address gaps will be less vulnerable to theft. This method requires various procedures both at individual nodes and in the connections between them. Among the most important are:

• Reinforce stricter tendering and pick-up process at the shipper
• Create stringent identification and exception standards at receiving
• Allot lane-level security ownership
• Consider carrier selection, routing, and dwell as a security investment, not an expense

In addition to these measures, it is important to note that each of these procedures will be most successful if they are scalable. TCOs pivot quickly to the next most profitable scheme, and companies need security plans equally as fluid. Disrupting crime begins at the stuffing point and designing intelligence-driven checkpoints results in a resilient security system.

Conclusion

Intermodal lots are fallout from systemic problems. A company that handles upstream intelligence ahead of theft response will be the one that withstands the next generation of TCOs. How will companies be certain that they have sufficiently mitigated risk in their supply chain? When thefts move elsewhere.

Based upon multi-modal supply chain experience, Gravick Group experts know how to assess and avert risk in unexpected circumstances. Combining decades of practical knowledge from service in the U.S. Special Forces, Department of Homeland Security, Central Intelligence Agency, Department of Foreign Services, our team offers exceptional risk mitigation practices. Clients from a variety of industries have seen significant drops in thefts and losses, resulting in measurable increases in profits.

Contact Gravick Group, we have the people, the proven process, and the technology to get the job done.

REFERENCES

American Transportation Research Institute. (2025). Analysis of cargo theft and supply chain risk.       https://truckingresearch.org/wp-content/uploads/2025/10/ATRI-The-Fight-Against-Cargo-Theft-10-2025.pdf

American Trucking Associations. (2025, June 20). Freight under fire: The explosive rise of cargo theft. https://www.trucking.org/news-insights/freight-under-fire-explosive-rise-cargo-theft

American Trucking Associations. (2026, January 13). ATA-backed cargo theft bill advances with House committee approval. https://www.trucking.org/news-insights/ata-backed-cargo-theft-bill-advances-house-committee-approval

CargoNet. (2026, January 21). 2025 cargo theft trends. https://www.cargonet.com/news-and-events/cargonet-in-the-media/2025-theft-trends/

Cybersecurity and Infrastructure Security Agency. (n.d.). Industrial control systems. U.S. Department of Homeland Security. https://www.cisa.gov/topics/industrial-control-systems

U.S. Department of Homeland Security, Homeland Security Advisory Council. (2023, March 16). Information and intelligence sharing subcommittee final report. https://www.dhs.gov/sites/default/files/2023-03/Intelligence%20and%20Information%20Sharing%20Final%20Report%2003162023.pdf

Federal Bureau of Investigation. (n.d.-a). Cargo theft. U.S. Department of Justice. https://www.fbi.gov/investigate/transnational-organized-crime/cargo-theft

Federal Bureau of Investigation. (n.d.-b). Transnational organized crime. U.S. Department of Justice. https://www.fbi.gov/investigate/transnational-organized-crime

Intermodal Association of North America. (2025). Protecting America’s supply chain from cargo theft (Response to U.S. DOT RFI). https://www.intermodal.org/documents/IANA_Response_USDOT%20RFI_Cargo_Theft_Oct_2025_FINAL.pdf

National Insurance Crime Bureau. (2025, June 25). NICB warns of increased cargo theft in 2025. https://www.nicb.org/news/news-releases/nicb-warns-increased-cargo-theft-2025

National Insurance Crime Bureau. (n.d.). Cargo theft. https://www.nicb.org/prevent-fraud-theft/cargo-theft

U.S. Congress. (2025a). Combating Organized Retail Crime Act of 2025 (H.R. 2853, 119th Cong.). https://www.congress.gov/bill/119th-congress/house-bill/2853

U.S. Congress. (2025b). S. 3376: Cargo Security Innovation Act (119th Congress). https://www.congress.gov/bill/119th-congress/senate-bill/3376/text

U.S. Department of Transportation. (2025a). Cargo theft request for information. https://www.transportation.gov/sites/dot.gov/files/2025-09/DOT_Cargo_Theft_RFI–September_2025.pdf

U.S. Department of Transportation. (2025b). Federal Motor Carrier Safety Administration. Consolidated electronic field operations training manual (Compliance manual). https://www.fmcsa.dot.gov/sites/fmcsa.dot.gov/files/2025-01/Consolidated%20Electronic%20Field%20Operations%20Training%20Manual%20(eFOTM)%20version%209.6..pdf

U.S. Senate Committee on the Judiciary. (2025). Combating Organized Retail Crime Act of 2025: Section-by-section summary. https://www.judiciary.senate.gov/imo/media/doc/corca_summary_final.pdf

Valadao, D. G. (n.d.). Safeguarding our supply chains act: One-page summary. https://valadao.house.gov/uploadedfiles/one_page_summary_safeguarding_our_supply_chains_act.pdf

Young, T. (2026, February 25). Young introduces bill to protect American roads and supply chains. U.S. Senate. https://www.young.senate.gov/newsroom/press-releases/young-introduces-bill-to-protect-american-roads-and-supply-chains/

AI Disclaimer: This content was edited with assistance from Originality.com, Perplexity.ai and ChatGPT.com. The final text was reviewed, verified, and approved by Karen Potter/Gravick Group].