In a digital age where online activity is available at home, on the go, or at work, security threats loom large. According to the Identity Theft Resource Center, data breach events occur daily, with at least 1,473 reported incidents in 2019. This change represents an increase of 17% from 2018. These data breaches resulted in the exposure of well over 164.5 million records, virtually all containing highly sensitive information.
While no person or entity is entirely immune to cyber-related security threats, businesses tend to be most targeted, given they have more assets to exploit potentially. One of the primary targets is the supply chain, perhaps the most fundamental component to smooth, uninterrupted day-to-day business operations.
Inadequate cybersecurity practices by lower-tier suppliers introduce loss events and increase the risk to supply chain partners. Unpatched or poorly written software can introduce security vulnerabilities in the supply chain. Counterfeit hardware or software may contain embedded malware.
What are supply chain cyber-attacks, how do they manifest themselves, and how are they executed? More importantly, how do manufacturers implement protective measures to mitigate supply chain risk? Let’s find out.
What are supply chain cyber-attacks?
Supply chain cybersecurity threats focus on disrupting the various processes involved in the development of goods. As noted by the National Institute of Standards and Technology (NIST), an agency of the Department of Commerce, supply chain cybersecurity threats can touch virtually every production and delivery element at once. This exposure includes design, fabrication, output, transportation, delivery, and more. They can also involve the theft of intellectual property, inspiring a particular manufactured commodity.
What is the motivation for these attacks?
The goal of supply chain cyber-attacks largely depends on the actor(s) involved. Intentions may be purely monetary, while others may be revenge, such as a former employee who somehow feels slighted. Inside jobs are prevalent when the target is manufacturers. Roughly 30% of the attacks manufacturers receive are conceived by individuals who work within the industry or once did, according to the 2019 Data Breach Investigations Report from Verizon. In two-thirds of incidents, motivations were financially related, and 27% were driven by revenge or thrill.
Sean Peasley, who heads Internet of Things (IoT) security at Deloitte, told Supply Chain Dive that no matter their purpose or form, affecting software supply chain programs or otherwise, security threats wreak havoc normalcy. “It can shut down their operations,” Peasley warned. “It can shut down the manufacturing process.”
Why are supply chain cyber-attacks trending?
Thanks to technological innovation and big data, supply chain networks are interconnected and interwoven to expedite workflows and enhance vendor communication. This enhanced synchronization has served as a double-edged sword. While it shortens production timelines by improving efficiency, a successful breach can trigger a domino effect, impacting development processes or entire companies, warned Shane MacDougall, an expert in cybersecurity threat analysis. Speaking to Supply Chain Dive, MacDougall noted that wiper attacks, which are more common as of late, use malware to delete data from hard drives.
“It takes down your systems and erases them,” MacDougall cautioned. “Unless you have an excellent backup system, you’re not going to recover.” He further noted that while recovery is possible from wiper attacks and other aggressive malware-based scare tactics, returning to normalcy can often take months.
How are supply chain cyber-attacks executed?
Much like how individual components and processes that comprise supply chains can vary, the same holds for attack methods. For example, internal actors familiar with IT systems may be aware of the information security practices in place, or if they even exist, and intuitively know how to get around them. Existing software may be compromised or not updated with the latest security patches. Since manufacturers often partner with third-party service providers to store data, a breach in their infrastructure can open the flood gates to supply chain sabotage, affecting multiple companies simultaneously.
As supply chain cybersecurity threats become increasingly prevalent and sophisticated in their execution, businesses must constantly refine their approach to stay one step ahead of scammers and deceivers. Here are a few best practices that can help neutralize supply chain risk, several of which come highly recommended by the NIST:
Choose a security vendor wisely
Maintaining your supply chain’s health and continuity is a full-time job, making it challenging to balance the ongoing requisites of comprehensive cybersecurity. Partnering with a security vendor can provide added peace of mind by singularly focusing on your data protection, recovery, and supply chain optimization needs. Please do your research by reading customer reviews online on IT support message boards. You should also check out their website to see their service offerings, such as risk assessments, vulnerability management, and incident response.
Maintain a close watch on component parts
Counterfeit components and parts can be the catalyst bad actors need to cause chaos in your supply chain. Ensure that all purchases are tightly controlled and that you stay on the grid when you buy them. In other words, it’s far better to buy from approved parts vendors with higher prices than a no-name company selling for less. Operations should thoroughly inspect imported parts before installation.
Maintain a policy of zero tolerance
The game of baseball has three strikes, and you’re out. When it comes to vendor products, it’s best to cut ties after one swing and a miss. In other words, if upon inspection you discover that components are counterfeit or don’t align with expectations, it’s best to move on to another more reliable supplier.
Perform regular threat assessments
Get into the habit of stress testing your systems and the potential for network vulnerabilities to stay protected. Perform routine assessments at a frequency based upon your loss exposure. The likely frequency is twice a year but fewer than once annually. According to a study conducted by Deloitte, 42% of business owner respondents said their company received a cyber risk assessment within the past six months. Nearly 1 in 5 said the last time was a year or two ago.
As a proud supporter of American manufacturing, Certitude Security® is working diligently to inform leaders and facilitate essential asset protection priorities for manufacturing businesses throughout the United States. When you are interested in learning about the empowering services that Certitude Security® can offer, visit our website or coordinate a time to speak to a team member today.