In a digital age where online activity is available at home, on the go, or at work, security threats loom large. According to the Identity Theft Resource Center, data breach events occur daily, with at least 1,473 reported incidents in 2019. This represents an increase of 17% from 2018. These data breaches resulted in the exposure of well over 164.5 million records, virtually all containing highly sensitive information.
While no person or entity is entirely immune to cyber-related security threats, businesses tend to be targeted the most, given they have more assets to potentially exploit. One of the primary targets is the supply chain, perhaps the most fundamental component to smooth, uninterrupted day-to-day business operations.
Inadequate cybersecurity practices by lower-tier suppliers introduce loss events and increasing risk to supply chain partners. Unpatched or poorly written software can introduce security vulnerabilities in the supply chain. Counterfeit hardware or software may contain embedded malware.
What are supply chain cyber-attacks? How do they manifest themselves? How are they executed? More importantly, how do manufacturers go about implementing protective measures to mitigate supply chain risk? Let’s find out.
What are supply chain cyber-attacks?
Supply chain cybersecurity threats are designed to disrupt the various processes involved in the development of goods. As noted by the National Institute of Standards and Technology (NIST), an agency of the Department of Commerce, supply chain cybersecurity threats can touch virtually every production and delivery element at once. This includes design, fabrication, output, transportation, delivery, and more. They can also involve the theft of intellectual property, which may be the inspiration for a particular manufactured commodity.
What is the motivation for these attacks?
The goal of supply chain cyber-attacks largely depends on the actor(s) involved. Intentions may be purely monetary, while others may be revenge, such as a former employee who may feel slighted somehow. Inside jobs are prevalent when manufacturers are targeted. Roughly 30% of the attacks manufacturers receive are conceived by individuals who work within the industry or once did, according to the 2019 Data Breach Investigations Report from Verizon. In more than two-thirds of these incidents, the motivations were financially related, and 27% were driven by revenge or simply for its thrill.
Sean Peasley, who heads Internet of Things (IoT) security at Deloitte, told Supply Chain Dive that no matter their purpose or form, affecting software supply chain programs or otherwise, security threats wreak havoc normalcy. “It can shut down their operations,” Peasley warned. “It can shut down the manufacturing process.”
Why are supply chain cyber-attacks trending?
To expedite workflows and enhance communication among vendors, supply chain networks are highly interconnected and interwoven, more so than ever before, thanks to technological innovation and big data. This enhanced synchronization has served as a double-edged sword. While it shortens production timelines by improving efficiency, a successful breach can trigger a domino effect, impacting development processes or entire companies, warned Shane MacDougall, an expert in cybersecurity threat analysis. Speaking to Supply Chain Dive, MacDougall noted that wiper attacks, which are more common as of late, use malware to delete data from hard drives.
“It takes down your systems and erases them,” MacDougall cautioned. “Unless you have an excellent backup system, you’re not going to recover.” He further noted that while recovery is possible from wiper attacks and other aggressive malware-based scare tactics, returning to normalcy can often take months.
How are supply chain cyber-attacks executed?
Much like how individual components and processes that comprise supply chains can vary, the same can be said for attack methods. For example, internal actors familiar with IT systems may be aware of the information security practices in place, or if they even exist, and intuitively know how to get around them. Existing software may be compromised or not updated with the latest security patches. Since manufacturers often partner with third-party service providers to store data, a breach in their infrastructure can open the flood gates to supply chain sabotage, affecting multiple companies simultaneously.
As supply chain cybersecurity threats become increasingly prevalent and sophisticated in their execution, businesses must constantly be refining their approach to stay one step ahead of scammers and deceivers. Here are a few best practices that can help neutralize supply chain risk, several of which come highly recommended by the NIST:
Choose a security vendor wisely
Maintaining your supply chain’s health and continuity is a full-time job, making it difficult to balance the ongoing requisites of comprehensive cybersecurity. Partnering with a security vendor can provide added peace of mind by singularly focusing on all your needs as they pertain to data protection, recovery, and supply chain optimization. Please do your research by reading customer reviews online on IT support message boards. You should also check out their website to see their service offerings, such as risk assessments, vulnerability management, and incident response.
Maintain a close watch on component parts
Counterfeit components and parts can be the catalyst bad actors need to cause chaos in your supply chain. Ensure that all purchases are tightly controlled and that you stay on the grid when you buy them. In other words, it’s far better to buy from approved parts vendors with higher prices than a no-name company selling for less. Imported parts should be thoroughly inspected before installation.
Maintain a policy of zero tolerance
The game of baseball has three strikes, and you’re out. When it comes to vendor products, it’s best to cut ties after one swing and a miss. In other words, if upon inspection you discover that components are counterfeit or don’t align with expectations, it’s best to move on to another more reliable supplier.
Perform regular threat assessments
Get into the habit of stress testing your systems and the potential for network vulnerabilities to stay protected. Assessments are conducted at a frequency based upon your loss exposure. The likely frequency is twice a year, but no fewer than once annually. According to a study conducted by Deloitte, 42% of business owner respondents said their company received a cyber risk assessment within the past six months. Nearly 1 in 5 said the last time was a year or two ago.
For unshakable confidence, crystal-clear clarity, and comprehensive control of your supply chain and its ongoing protection, trust the professionals at Certitude Security®. We challenge assumptions with meaningful data and dialogue. Contact us today to learn more.