
The Threats That Keep Supply Chain CIOs Up At Night

It is no secret that 2020 exposed vulnerabilities in the supply chain and logistics sector. As the COVID-19 pandemic spread across the globe, supply chain firms had to deal with closed border restrictions and limited staff capacity due to social distancing regulations, whilst simultaneously catering to an explosion in delivery volumes as retailers shifted online to hedge against store closures. Further, lockdowns initiated abrupt interruptions to production chains, meaning critical components were suddenly unavailable due to high demand or lack of the necessary inputs to produce them. This created further backlogs for the supply chain where disrupted delivery of production components had the knock-on effect of further delaying and disrupting end-product delivery and distribution.

Cyber vulnerabilities exposed

For the most part, the supply chain industry reacted well to the disruption and has altered business and delivery models to suit the new normal. As we navigate a post-pandemic world, it is clear that in many instances supply chain and logistics firms were just a cyber-attack away from complete disaster in 2020. During periods of forced efficiency such as lockdown, where an increased workload must be executed with fewer staff than normal, cybersecurity often falls by the wayside as all efforts focus on completing the job at hand. Yet it is during these disruptive periods that the consequences of a large attack are the greatest.

The weakest links in the supply chain

In order to understand cyber risk to the supply chain and logistics industry, it is important to note that in today’s hyper-connected business landscape, a successful attack on a supply chain or logistics business can have far-reaching knock-on effects for associated businesses such as retailers, manufacturers and even local economies reliant on shippers for jobs. Even without COVID in the mix, the supply chain is an attractive target for cybercriminals seeking to cause maximum disruption to industry and livelihoods.

It is this interconnectedness within the supply chain industry that also makes firms a soft-bellied target for attack. Most supply chain and logistics businesses rely on a myriad of trusted relationships with third parties such as delivery contractors as well as SaaS providers and other speciality firms. We know cybercriminals love a back door, and hackers only need to gain access to one of these third parties to potentially break into entire networks of supply chain and logistics businesses. This threat is far from theoretical too, with recent research indicating that as many as 82% of organisations have suffered a data breach in the 12 months since September due to cybersecurity weakness in the supply chain.

The top three threats for supply chain and logistics firms

We operate in a threat landscape that is as varied as it is complex. Nonetheless, the nature of supply chain and logistics makes the industry more susceptible to some forms of cyber-attack than others.

  1. Ransomware: Perhaps the most serious threat supply chain firms face comes from ransomware such as WannaCry, Ryuk, and NotPetya, the latter of which brought close to a fifth of the world’s shipping capacity to a halt in June 2017. Cybercriminals targeting supply chain and logistics firms with ransomware do so because they understand the pressures of the industry: particularly post-COVID, supply chain firms cannot afford for operations to be compromised for even the shortest of time periods. This means firms are likely to pay ransoms in order to minimise further financial losses.
  2. Data theft: One of the most common forms of cyber-attack is data theft. It is often executed in conjunction with ransomware, which is a good reason for not paying a cyber-ransom. Supply chain firms are privy to a lot of sensitive data, including personal information of individuals such as addresses, names, and bank details, as well as business information from corporates, manufacturers, and suppliers. Cybercriminals wishing to cash in on the sale of this data to other criminal organisations may target supply chain firms. This threat has proliferated further in recent times as staff working from home are at higher risk of initiating data theft.
  3. State-backed threat actors: Supply chain and logistics firms play a vital role in ensuring continuity for a range of businesses and economies across the globe. For state-backed hacking groups, referred to by those in the business as Advanced Persistent Threat Groups (APTs), supply chain disruption can be a powerful weapon for slowing international trade and crippling businesses, services, and infrastructure in target nations.

How can we stay safe?

In short, supply chain and logistics firms should trust no one. This means that the identity of every user is constantly verified and updated accordingly. Identity governance controls for roles, entitlements, separation of duties (SoD) policies, and risk are a huge step towards minimising cyber-risk by ensuring only the correct employees can access sensitive information. Further still, a recent IBM study shows that AI, machine learning, and analytics allow companies to respond to data breaches 27% faster. Considering the average response time for companies without these security measures in place is 74 days, it is clear that automated security is another key to maximising protection against cybercriminals.
