Logistics Security: 5 ways to protect the Supply Chain Against Cybersecurity Attacks

Written by akoredenate | Published 2022/09/02

TL;DR: Supply chain attacks have increased in the last few years. Common weaknesses malicious actors target are weak passwords, software blunders, and unsecured emails for phishing. Protective measures against cyber attacks include: 1. Increased cybersecurity awareness 2. Implement MFAs and zero-trust security 3. Patch your software 4. Have backups

Digitalization is a blessing to the supply chain industry. It has significantly improved the operational efficiencies of the supply chain. But digitalization has a downside: it has opened supply chain enterprises to more scrutiny from malicious actors.

For example, weekly attacks on the transportation and logistics (T&L) industry increased by 186% in 2021. In the US, supply chain attacks increased by 42%. Also, over 72% of supply chain enterprises suffered cyber attacks in the last decade.

Why do cybercriminals target supply chains? One explanation is the network. The supply chain is a network of manufacturers, suppliers, and retailers. Therefore, an attack on the supply chain is considered “high impact” because of the sensitivity of the data involved. The higher the impact of breaches, the better for cybercriminals.

Another reason is that supply chains are easy targets. Supply chain enterprises, on average, care less about security measures. In 2020, a PwC study revealed that a lack of digital culture and training is the biggest threat facing the T&L sector. Without adequate security policies, technological systems are like a house without a fence; they’re easy to infiltrate.

A third reason is ransomware groups. Ransomware groups—also called Ransomware-as-a-service (RaaS)—provide malicious code to amateur and professional hackers to infiltrate systems. In the last few years, RaaS gangs have grown, and they increasingly target the supply chain. Check the image below for prominent attacks RaaS gangs orchestrated on the supply chain.

What weaknesses do malicious actors target in the supply chain?

  • Login credentials: Digital systems require passwords to manage access. But weak or compromised passwords plague the logistics industry. According to NordPass, T&L employees don't use unique passwords to protect their digital systems. Instead, they use easy passwords such as “password”, “company name”, “company name 123”, etc.

    Besides, the infamous attacks on US-based supply chains, JBS (a meat processing firm) and Colonial Pipeline, buttress the point about poor access security in the supply chain industry. For Colonial Pipeline, an employee's compromised Virtual Private Network (VPN) password was the entry point of the attack. The JBS intrusion is a similar story: attackers gained unauthorized access through the unguarded credentials of JBS workers that were available on the dark web.

  • Software blunders: Computer programs, such as remote desktop protocols (RDPs), VPNs, and firewalls, require protection. Leaving software, especially open-source software programs, unguarded is terrible for security. Open-source programs typically contain known vulnerabilities malicious actors can exploit.

    In 2021, Intel 421, a cybercrime intelligence company, examined the software vulnerabilities of logistics companies in Asia, the US, and the UK. According to the report, cybercriminals gained unauthorized access mainly through unprotected RDPs, VPNs, and private networks. BlueVoyant’s 2022 cybersecurity report also corroborates Intel 421’s findings.

    According to BlueVoyant, 90% of the top 20 logistics companies used open RDPs. Additionally, 10 of the top 20 used “software with high severity vulnerabilities” on their servers. Software blunders like these have only one end: security violation.

  • Unsecured emails equal more phishing: Phishing is an age-old tactic threat actors use to con people out of sensitive information. Phishing scams are often spread through emails and text messages. Email security is still an issue in the logistics industry: 90% of the top 20 logistics companies lack email and phishing security. Therefore, it’s unsurprising that 3.6% of global phishing scams target the logistics industry.
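The login-credentials weakness above (“password”, “company name”, “company name 123”) can be caught when a password is set. The following is an added example, not code from the article: a screening function that rejects common passwords and passwords built from context words. The company name "Acme Freight", the username "jdoe", the 12-character minimum, and the short common-password list are all constructed assumptions.

```python
import re

# Constructed sample list; a real deployment would load a large breached-password corpus.
COMMON_PASSWORDS = {"password", "qwerty", "letmein", "welcome", "123456"}
# Common character substitutions ("P@ssw0rd") mapped back to letters.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

def normalize(text):
    """Reduce a password or context word to its lower-case letter core."""
    text = re.sub(r"[\d\W_]+$", "", text.lower())  # drop suffixes like "123" or "2022!"
    return re.sub(r"[^a-z]", "", text.translate(LEET))

def screen_password(candidate, context_words, min_length=12):
    """Return the reasons to reject `candidate`; an empty list means it passes."""
    reasons = []
    core = normalize(candidate)
    if len(candidate) < min_length:  # min_length=12 is an assumed policy value
        reasons.append(f"shorter than {min_length} characters")
    if candidate.lower() in COMMON_PASSWORDS or core in COMMON_PASSWORDS:
        reasons.append("common password")
    for word in context_words:
        # Match the whole phrase and each token of it, ignoring very short tokens.
        terms = {normalize(word)} | {normalize(tok) for tok in word.split()}
        if any(len(t) >= 4 and t in core for t in terms):
            reasons.append(f"contains context word: {word}")
    return reasons

if __name__ == "__main__":
    context = ["Acme Freight", "jdoe"]  # hypothetical company name and username
    for pw in ["password", "Acme Freight 123", "4cm3Fr31ght!!2024",
               "P@ssw0rd2022!", "correct-horse-battery-staple"]:
        print(f"{pw!r}: {screen_password(pw, context) or 'accepted'}")
```

Screening of this kind complements MFA rather than replacing it, since it does nothing for a strong password that has already been exposed.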

What’s the way forward for the supply chain industry?

  1. Increase cybersecurity awareness: Cybersecurity awareness is ongoing education about the latest security practices. But many logistics companies are complacent about cybersecurity education: at least 55% of logistics employees can’t manage cyber attacks.

    Ignorance and gullibility fuel breaches; therefore, cybersecurity education is the first step to cyber protection. To begin with, implement basic security measures such as multi-factor authentication (MFA), phishing and email security, and third-party assessment policies.

  2. MFAs + Zero Trust = formidable security: Password breaches are still high: weak passwords caused 21% of ransomware attacks in 2021. MFAs provide an extra layer of security to protect your access credentials. Microsoft reports that MFAs block 99.9% of cyber breaches. That’s how effective MFAs are! For instance, the Colonial Pipeline breach was partly successful because the exposed VPN account lacked MFA. With an MFA, there’s a high chance Colonial Pipeline would have averted the intrusion.

    For formidable security, add zero-trust security to the mix. Zero-trust infrastructure works on a “never trust, always verify” policy. It verifies every entity, internal or external, before granting access to a system. Zero-trust security is an advanced policy that manages all network traffic.

  3. Patch your software: Software programs always require updates (or “patches”) to fix bugs and vulnerabilities. Once available, always patch your systems.

  4. Cyber attacks are inevitable; implement incident response (IR): “How” and “who” responds to risks, vulnerabilities, and violations can make or mar your security system. IR defines the personnel and tools for different cyber scenarios. Crucially, it describes how to identify weaknesses that affect systems.

  5. Have backups: Backups, an archive of your data, hasten data recovery should you experience a data violation. The standard backup policy is to save three copies (one primary and two backup copies) of your data on two different media with one offsite copy.


Written by akoredenate | Cybersecurity researcher and enthusiast
Published by HackerNoon on 2022/09/02