In a digital age where online activity is available at home, on the go, or at work, security threats loom large. According to the Identity Theft Resource Center, data breach events are a daily occurrence, with at least 1,473 such reported incidents in 2019. This represents an increase of 17% from 2018. These data breaches resulted in the exposure of well over 164.5 million records, virtually all containing highly sensitive information.
While no person or entity is entirely immune to cyber-related security threats, businesses tend to be targeted the most, given they have more assets to potentially exploit. One of primary targets is the supply chain, perhaps the most fundamental component to smooth, uninterrupted day-to-day business operations.
Inadequate cybersecurity practices by lower tier suppliers introduce loss events and increasing risk to supply chain partners. Unpatched or poorly written software can introduce security vulnerabilities in the supply chain. Counterfeit hardware or software may contain embedded malware.
What are supply chain cyber-attacks? How do they manifest themselves? How are they executed? More importantly, how do manufacturers go about implementing protective measures to mitigate supply chain risk? Let’s find out.
What are supply chain cyber-attacks?
Supply chain cybersecurity threats are designed to disrupt the various processes involved in the development of goods. As noted by the National Institute of Standards and Technology (NIST), an agency of the Department of Commerce, supply chain cybersecurity threats can touch virtually every element of production and delivery at once, such as design, fabrication, output, transportation, delivery, and more. They can also involve the theft of intellectual property, which may be the inspiration for a particular manufactured commodity.
What is the motivation for these attacks?
The goal of supply chain cyber-attacks largely depends on the actor(s) involved. Intentions may be purely monetary, while others may be revenge, such as a former employee who may feel slighted in some way. Inside jobs are particularly common when manufacturers are targeted. Roughly 30% of the attacks manufacturers receive are conceived by individuals who work within the industry or once did, according to the 2019 Data Breach Investigations Report from Verizon. In more than two-thirds of these incidents, the motivations were financially related and 27% were driven by revenge or simply for the thrill of it.
Sean Peasley, who heads Internet of Things (IoT) security at Deloitte, told Supply Chain Dive that no matter their purpose or form, affecting software supply chain programs or otherwise, security threats wreak havoc on normalcy. “It can shut down their operations,” Peasley warned. “It can shut down the manufacturing process.”
Why are supply chain cyber-attacks trending?
To expedite workflows and enhance communication among vendors, supply chain networks are highly interconnected and interwoven, more so than ever before thanks to technological innovation and big data. This enhanced synchronization has served as a double-edged sword. While it shortens production timelines by improving efficiency, a successful breach can trigger a domino effect, impacting development processes or entire companies, warned Shane MacDougall, an expert in cybersecurity threat analysis. Speaking to Supply Chain Dive, MacDougall noted that wiper attacks, which are more common as of late, use malware to delete data from hard drives.
“It takes down your systems and erases them,” MacDougall cautioned. “Unless you have a really good backup system, you’re not going to recover.” He further noted that while recovery is possible from wiper attacks and other aggressive malware-based scare tactics, returning to normalcy can often take months.
How are supply chain cyber-attacks executed?
Much like how individual components and processes that comprise supply chains can vary, the same can be said for methods of attack. For example, internal actors who are familiar with IT systems may be aware of the information security practices that are in place, or if they even exist, and intuitively know how to get around them. Existing software may be compromised or not updated with the latest security patches. Since manufacturers often partner with third-party service providers to store data, a breach in their infrastructure can open the flood gates to supply chain sabotage, affecting multiple companies simultaneously.
As supply chain cybersecurity threats become increasingly prevalent and sophisticated in their execution, businesses must be constantly refining their approach to stay one step ahead of scammers and deceivers. Here are a few best practices that can help neutralize supply chain risk, several of which come highly recommended by the NIST:
Choose a security vendor wisely
Maintaining the health and continuity of your supply chain is a full-time job, making it difficult to balance the ongoing requisites of comprehensive cybersecurity. Partnering with a security vendor can provide added peace of mind by singularly focusing on all your needs as they pertain to data protection, recovery and supply chain optimization. Do your research by reading customer reviews online in IT support message boards. You should also check out their website to see what their service offerings include, such as risk assessments, vulnerability management, and incident response.
Maintain close watch on component parts
Counterfeit components and parts can be the catalyst bad actors need to cause chaos in your supply chain. Make sure that all purchases are tightly controlled and that you stay on the grid when you buy them. In other words, it’s far better to buy from approved parts vendors with higher prices than a no-name company selling for less. Parts should be thoroughly inspected before installation.
Maintain a policy of zero tolerance
The game of baseball has three strikes and you’re out. When it comes to vendor products, it’s best to cut ties after one swing and a miss. In other words, if upon inspection you discover that components are counterfeit or don’t align with expectations it’s best to move on to another supplier that’s more reliable.
Perform regular threat assessments
Get into the habit of stress testing your systems and potential for network vulnerabilities to stay protected. These assessments should ideally be done twice a year, but no fewer than one. According to a study conducted by Deloitte, 42% of business owner respondents said their company received a cyber risk assessment within the past six months. Nearly 1 in 5 said the last time was a year or two ago.
For unshakable confidence, crystal-clear clarity, and comprehensive control of your supply chain and its ongoing protection, trust the professionals at Certitude Security®. We challenge assumptions with meaningful data and dialogue. Contact us today to learn more.