Cyber Crisis in the Supply Chain
One month after a ransomware attack crippled Colonial Pipeline’s East Coast fuel distribution, another massive attack — likely perpetrated by the same or a related entity — hit North American meat supplier JBS. The attack halted meat distribution abilities, backlogging the supply chain, and driving up meat prices.
When it comes to hostage-taking, there are few prizes so large as those slated for America’s dinner plate.
Supply chains appeal to attackers
As the old saying goes, a chain is only as strong as its weakest link. For this reason, logistics companies and the vendors serving them appeal particularly to cyber criminals. Consider the following:
- A successful phishing attack at a supply chain or vendor company gives an attacker the ability to drop malware on an internal network;
- Supply chain companies have notoriously out-of-date and therefore vulnerable employee computer and email systems;
- Phishing and spoofing attacks more are more likely to succeed in vulnerable systems;
- 60–80% of all security incidents are now identity related, as we discuss in an earlier post so email security vulnerabilities lead to more costly problems;
- Seizing IT systems for a business involved in supply chain management quickly sends ripples out into the consumer world;
- When millions of people’s access to food, fuel, or other critical resources are threatened, a company feels more pressure to pay ransom.
According to one expert, food supply companies have “about the same level of security as manufacturing and shipping. Which is to say, not very.” So in short, food suppliers offer attackers an easy target with big rewards.
By disrupting just the right server, a ransomware attack can wreak havoc across millions of households. There’s little tolerance for this when it comes to essential commodities. Colonial Pipeline paid $4.4 million in ransom to hackers to return fuel supply to one of the mostly populated areas in the US. We don’t know exactly how JBS got their systems back online, but it likely cost them dearly.
Digitizing supply chains creates more vulnerabilities
Our global supply chain is already quite vulnerable. Consider how an ice storm or disease can create a run on and subsequent shortage of items like toilet paper. Or how easily one (albeit large) Evergreen container ship could jam up global shipping for several days. Or even of the impact piracy has on shipping around the horn of Africa.
Integrated supply chains are a new frontier for backlogs in our supply chain. As supply chain companies inevitably embrace the benefits gained from digital systems, they create new opportunities for supply chain disruption. For the enterprising criminal, holding a server hostage is a lot easier, less costly, lower risk, and more effective than, say, taking a ship hostage.
As one security expert observed in a recent Washington Post article about the JBS attack, “I would argue that the continued digitization of modern society creates boundless opportunities for cyber criminals. For the corporate world, the efficiencies gained through putting services and workloads online are simply too attractive to eschew. But with this increased digitization comes dependency, and securing complex systems can be very difficult. It is likely going to get worse before it gets better.”
Ransomware, supply chain, and blockchain
Between 2019 and 2020, ransomware attacks on logistics companies tripled. Attacks on choke points within supply chains have magnified results and thus often result in quick payouts to criminals. The recent sequential attacks on fuel and meat supply chains are no coincidence: Attackers know certain IT systems are more valuable than others and target them.
As digitization continues, we need supply chain and logistics companies to think about how to build their online systems securely. This means eliminating the choke points introduced by traditional cloud infrastructure. Blockchain’s distributed cloud storage systems offer a solution.
- HeraSoft’s next generation software offers a variety of products and services to improve enterprise cybersecurity.
- HeraVault™ offers distributed cloud storage with built-in replication, error correction and restoration capabilities.
- HeraFlow™, is an AI-Powered threat analysis system for fast and accurate threat data monitoring perfect for high-volume workloads and enterprise-level SOC’s.
- HeraPass™, with inherently fraud proof design, helps businesses innovate user management in IoT environments by achieving the anonymization and encryption of highly-sensitive data.
- HeraStamp™ proof-stamps mission critical data to permanent data stores and can help with data integrity in, for example, ecommerce settings.