Security for Supply Chain and Logistics Operations | CloseProtectionHire

Cargo theft costs the global economy an estimated USD 22 billion annually, according to BSI Supply Chain Services’ 2024 Intelligence Report. That figure encompasses direct loss, insurance premium inflation, supply chain disruption, and the operational costs of incident response. It does not capture the secondary effects: pharmaceutical products with compromised cold chain re-entering healthcare supply chains, high-value electronics feeding counterfeit markets, or the operational intelligence that cargo theft networks extract to enable escalation into violent hijacking.

For logistics operators, security professionals, and corporate supply chain managers working in high-risk markets, this article sets out the primary threat categories, the standards and certifications that define security baselines, and the operational protocols that reduce exposure in the most dangerous corridors.

The Threat Geography

Cargo theft is not evenly distributed. Three countries account for a disproportionate share of global incidents, and the threat character differs in each.

Brazil. The ANTT (Agencia Nacional de Transportes Terrestres – Brazil’s national land transport agency) reported 15,318 cargo theft incidents in 2023, a figure that has remained stubbornly high despite significant law enforcement investment. The BR-116 corridor (Sao Paulo to Rio de Janeiro via the Anhanguera-Bandeirantes system and the Dutra highway) and the BR-040 (Belo Horizonte south toward Rio) are the primary hotspots. Cargo theft in Brazil is predominantly conducted by organised criminal factions, particularly CV (Comando Vermelho) and PCC (Primeiro Comando da Capital) affiliates who treat cargo theft as a revenue stream parallel to drug trafficking.

The specific threat is the planned hijacking rather than opportunistic theft. Gangs in Brazil conduct advance surveillance on logistics operators, identify target loads through corrupted insiders or interception of cargo management systems, and deploy armed teams to intercept vehicles at choke points. Armed cargo hijacking is common and violent. Drivers have been killed in resistance scenarios.

Mexico. CJNG (Cartel Jalisco Nueva Generacion) and the Sinaloa Cartel both exercise territorial control over significant portions of the Mexican road network. The Estado de Mexico (routes out of CDMX), Jalisco, Puebla, and the northern border corridors to Laredo and Nogales are the primary threat zones. ANTP (Asociacion Nacional de Transporte Privado) 2024 data indicates that cargo theft in Mexico is most concentrated in the tractor-trailer category, where fuel theft (huachicol) and consumer goods theft overlap with cartel revenue operations.

South Africa. The N3 Johannesburg to Durban and N12 Johannesburg to Cape Town corridors see the highest concentration of heavy goods vehicle hijackings in sub-Saharan Africa. TT Club and BSI both identify South Africa as a priority concern in their annual global cargo security reports. SAPS (South Africa Police Service) crime statistics 2023-24 document significant under-reporting of cargo crime; the true figure substantially exceeds official records. The combination of high unemployment, port congestion creating predictable vehicle queuing, and organised crime networks with established receiving capacity drives consistent high volumes.

Organised Retail Crime and Secondary Theft Markets

In addition to hijacking on the road, organised retail crime (ORC) operations targeting distribution centres and warehouses have increased significantly across Europe and North America. The BRC Annual Crime Survey 2024 documents a 131% increase in retail theft versus the 2019-2020 baseline in the UK, driven in part by coordinated ORC networks that target distribution rather than individual stores.

The ORC model – coordinated teams executing rapid, high-value theft from distribution facilities, often with insider intelligence – applies the same operational logic as road hijacking but in a warehouse context. The target is the same: high-value cargo (electronics, pharmaceuticals, luxury goods, alcohol, infant formula) with ready secondary market demand.

GPS Jamming and Spoofing: The Tracking Defeat Problem

Fleet management systems based on GPS tracking have been a primary tool for cargo security over the past two decades. The technological response from organised crime has been progressive.

GPS jamming uses a broadband signal to overwhelm GPS receivers, causing them to lose lock and either stop reporting or report a last-known position. Jammers are commercially available (illegally in most jurisdictions) and can be deployed from a following vehicle. A jammed tracking device either goes silent or holds a fixed position – both of which, paradoxically, can trigger alerts in well-configured fleet management systems.

GPS spoofing is more sophisticated. A spoofing device transmits a false GPS signal that causes the tracker to report a fabricated position – typically a legitimate depot or parking location. The vehicle appears stationary and at a normal location while it is actually being driven to a receiving location. Recorded Future’s GPS Spoofing Intelligence Report 2024 documented a 35% year-on-year increase in spoofing incidents in civilian contexts, with organised crime corridors in Brazil, Mexico, and Eastern Europe specifically identified.

The operational response is dual-technology tracking:

• GPS combined with cellular (GSM/LTE) triangulation: cellular triangulation functions independently of GPS and cannot be jammed by the same device
• Accelerometer-based motion detection: an accelerometer reports vehicle movement regardless of GPS status – a “stationary” reading from GPS combined with accelerometer motion data is an immediate alert
• CANBUS integration: monitoring engine data (speed, RPM, door sensors) through the vehicle’s diagnostic bus provides a further independent data stream

For high-value cargo in high-risk corridors, single-technology tracking is inadequate. TAPA TSR Class 1 requirements specify minimum tracking technology standards, but operators in the highest-risk environments should apply dual or triple technology.

TAPA Standards: The Cargo Security Benchmark

The Transported Asset Protection Association (TAPA) produces two primary standards relevant to logistics operations:

Freight Security Requirements (FSR) applies to warehouses, distribution centres, and cargo handling facilities. FSR Class A (highest) requires access control with biometric or PIN entry, CCTV with defined retention periods, perimeter lighting, secure cage systems for high-value goods, and rigorous visitor and contractor management. FSR Class B requires a reduced specification, Class C is the minimum. TAPA conducts third-party audits to maintain certification status.

Trucking Security Requirements (TSR) applies to vehicle operations. TSR Class 1 (highest) requires GPS tracking with a defined check-in frequency, route management protocols, driver communication standards, and vehicle security controls (cab alarms, door sensors, immobilisers). TSR Class 2 and Class 3 are reduced specifications.

TAPA certification is increasingly a commercial prerequisite rather than a differentiation factor. Pharmaceutical manufacturers (AstraZeneca, Pfizer, Reckitt), consumer electronics companies (Apple, Samsung), and luxury goods houses now specify TAPA FSR Class A or TSR Class 1 as a minimum condition in logistics contracts. Operators without TAPA accreditation face exclusion from significant categories of high-value business.

The TAPA EMEA Incident Report (quarterly) is the most granular public data source on cargo theft incidents across Europe, the Middle East, and Africa, tracking incidents by country, cargo type, and method.

Driver Vetting and Compartmentalisation

The single most consistent intelligence gap in cargo security is the driver who knows the value and content of their load.

Organised cargo theft in Brazil, Mexico, and South Africa relies on insider intelligence in a significant proportion of incidents. That intelligence does not always come from a deliberately recruited insider – it can come from a driver who has been pressured (threatened), cultivated (paid small amounts over time for information), or who simply discusses their load with contacts who pass the information on without the driver’s knowledge.

Compartmentalisation is the primary control. Operationally, this means:

• Drivers receive only the consignment note reference and the destination – not the detailed manifest contents
• Specific cargo categories (pharmaceuticals, electronics, tobacco, alcohol, infant formula) are categorised as sensitive and the briefing protocol adapted accordingly
• Route instructions are issued to drivers at the point of departure rather than at vehicle collection – reducing the window during which a driver’s route is predictable
• Load-specific information is held by the dispatch coordinator and the receiving party, not transmitted to the driver by phone or messaging application

Formal driver vetting should include criminal background checks at minimum (DBS or equivalent), reference checks with prior employers, and – for high-value runs – periodic re-screening rather than a one-time hire check. The BSI Supply Chain Security Guidelines 2024 recommend re-screening at 12-month intervals for drivers on designated high-value routes.

Secure Parking: The TAPA Parking Programme

Overnight parking of loaded vehicles is one of the highest-risk periods in a logistics operation. A vehicle parked at an unsecured layby, truck stop, or informal rest area in Brazil, Mexico, or South Africa is a fixed, accessible target. The theft can occur without time pressure, with the ability to select the right tools and bypass security controls at leisure.

TAPA operates a Parking Programme that certifies truck stops and rest areas to defined security standards – perimeter fencing, controlled access, CCTV, and security staffing. Routing that incorporates TAPA-certified parking facilities at each overnight stop is a measurable risk reduction for long-haul operations in high-risk corridors.

Where TAPA-certified facilities are not available on a route, the alternative is convoy operations with dedicated security vehicles, so that a loaded vehicle is never stationary and unattended in an insecure location. For very high-value loads, this is the operational standard regardless of facility availability.

Pharmaceutical and Cold Chain Security

Pharmaceutical cargo represents one of the highest-value theft targets by weight and the most complex security challenge. Beyond theft, there is a patient safety dimension: a pharmaceutical product whose cold chain has been interrupted – where the temperature has moved outside the specified range – may be compromised in efficacy or safety. If that product is substituted back into the supply chain (theft organisations sell into secondary markets that may reintroduce it to healthcare settings), the risk is not just commercial loss but patient harm.

Security protocols for pharmaceutical logistics should include:

• Tamper-evident sealing at the pallet level, with serial-numbered seals logged in the chain-of-custody documentation
• Temperature data loggers embedded in the shipment, recording at defined intervals, with the data downloadable at each handover point
• Reconciliation at each handover: unit count, seal numbers, and temperature log reviewed and signed off before custody transfers
• Driver and vehicle separation protocols: the driver should not have physical access to the loaded cargo compartment during transit. Sealed, alarmed cargo compartments with independent temperature monitoring are the appropriate specification

The WHO Good Distribution Practice (GDP) guidelines for pharmaceutical products specify these requirements from a quality perspective. Security protocols should align with and extend GDP requirements.

P1 City-Specific Considerations

Lagos. The Apapa-Wharf Road corridor (port access) has documented theft and extortion issues, with unofficial toll collection by criminal groups creating a predictable choke point. Cargo transiting from Apapa port should use vetted logistics operators familiar with the route and should avoid overnight staging at non-secured facilities. OSAC Nigeria 2024 documents cargo theft as a primary operational risk for logistics operators.

Bogota. Cargo theft in Colombia is concentrated on routes out of Bogota toward the Caribbean coast (Ruta 45 toward Barranquilla) and toward Medellin. ANTT Colombia data documents significant theft of electronics and pharmaceutical cargo. Armed hijacking is documented; route intelligence should be updated at minimum weekly.

Johannesburg. The Reef industrial corridor (Germiston to Springs) and the Johannesburg to Durban N3 are the primary threat zones. TT Club South Africa data 2024 documents that 60% of South African cargo theft incidents occur during transit, with the remainder at facilities.

Manila. Port of Manila import cargo faces documented theft in the deconsolidation and drayage phase – between container terminal and bonded warehouse. OSAC Philippines 2024 notes this as a specific risk for electronics imports. Bonded warehouse selection and direct delivery protocols (minimising intermediate handling stages) are the primary mitigations.

For Security and Logistics Managers: Baseline Controls

The minimum baseline for logistics security in elevated-risk markets, consistent with TAPA TSR/FSR standards and BSI Supply Chain Security Guidelines:

1. Dual-technology vehicle tracking (GPS plus cellular triangulation plus accelerometer)
2. Driver vetting with periodic re-screening at 12-month intervals for high-value route assignments
3. Cargo content compartmentalisation – manifest details withheld from drivers
4. Route intelligence updated at minimum weekly for P1 corridor operations
5. TAPA-certified parking facilities at overnight stages, or convoy escort where certified facilities are unavailable
6. Tamper-evident sealing and chain-of-custody logging for pharmaceutical and high-value cargo
7. GPS spoofing detection monitoring (dual-technology systems) with alert thresholds for GPS-cellular position discrepancy
8. Incident reporting logged to TAPA EMEA Incident Database to contribute to sector intelligence

For the broader security framework for remote and off-grid industrial operations – including logistics for extraction industry sites beyond established road infrastructure – see our security for remote and off-grid operations guide. For the energy sector supply chain security context – pipeline security, facility access, and vendor vetting for oil and gas operators – see our oil and gas energy sector security guide. For agri-business and food sector supply chains in P1 markets – commodity theft at harvest, counterfeit agrochemicals in secondary wholesale markets, South Africa farm attack data, CJNG extortion of Mexican agricultural operations, and INTERPOL Operation Opson food fraud enforcement – see our security for the agriculture and food sector guide. For the specific cargo theft threat environment – TAPA FSR/TSR standards, FreightWatch/Overhaul incident data, Brazil ANTF 21,000 annual attacks, pharmaceutical cold chain diversion, and organised cargo robbery methodology in P1 markets – see our security for cargo theft and freight logistics guide. For the regulatory and legal risk management dimension of supply chains – Modern Slavery Act 2015 s.54 transparency obligations, Bribery Act 2010 Section 7 third-party liability, Tier 2-3 supplier mapping, ISO 28000:2022, and software supply chain intrusion (SolarWinds/3CX case studies) – see our supply chain third-party risk and SCRM guide. For pharmaceutical and cold chain logistics security specifically – TAPA FSR/TSR tiered standards, the Eli Lilly USD 75 million warehouse theft, FDA FSMA intentional adulteration rules, continuous temperature data logging as chain-of-custody evidence, serialisation under FMD and DSCSA, counterfeit medicine WHO data, and P1 city cold chain vulnerabilities in Lagos, Karachi, and Manila – see our pharmaceutical cold chain and logistics security guide.

For high-value portable goods supply chains – the specific security requirements of diamond and precious metals courier operations, Kimberley Process chain-of-custody documentation, LBMA Good Delivery Rules, FATF red flags for money laundering through the precious metals trade, and the Hatton Garden burglary lessons for vault security – see our precious metals and diamond trade security guide.

For the port, border crossing, and customs framework that affects supply chain security – ISPS Code for port facilities, AEO accreditation, container tampering and contraband concealment risks, and the clean device protocol for executive travel through high-risk border points – see our port and border crossing security guide.