Cybersecurity In The Supply Chain

Cybersecurity isn’t often associated with shipping. Usually, when breaches occur, it’s the governmental, healthcare or financial industries that are impacted. However, wherever there is sensitive information, there are malicious actors trying to exploit it. And that is very much the case for the logistics sector.

Logistics companies often rely on third-party organisations to develop components that will protect their supply chains. This includes advanced software that enhances efficiency and on which businesses come to depend.

However, the increased use of technology to manage supply chains means that the threat of cyber attack is escalating. The third-party code that is often employed attempts to keep attackers out, but more often than not, companies experience the negative impact of cybersecurity breaches in their supply chains.

Increasing threat of attack

Supply chain attacks have become a growing threat. High-profile attacks have shown how attackers can drastically increase the impact of an attack by compromising a single company and exploiting trust relationships to gain access to customer networks.

It is therefore necessary to develop supply chain security solutions that help organisations protect their data and improve their teams’ understanding. This allows them to pinpoint and address vulnerabilities that attackers could exploit.

There are different types of supply chain attacks. In a software supply chain attack, malicious code could be introduced into an application, affecting all its users. Conversely, a hardware supply chain attack involves a malicious entity compromising physical components to infiltrate an organisation’s systems.

Regardless of the method, supply chain attacks can cause severe repercussions for a company and its wider stakeholders.

SolarWinds hack

While attacks have been commonplace for the last decade, it is only recently that we’ve seen the damage that can be caused by data breaches like the one that occurred at SolarWinds.

SolarWinds is a major software company in America, which provides system management tools for network and infrastructure monitoring, as well as other technical services.

One of its products, Orion, could obtain system performance data, which made SolarWinds an attractive target. At the time of the attack, it was used by over 30,000 public and private organisations, including local, state and federal agencies.

The group suspected to be responsible for the attack in 2020 was identified by Microsoft as Nobelium – nation-state hackers.

They inserted malicious code into the Orion system via SolarWinds personnel. Internal staff inadvertently distributed the backdoor malware through a seemingly ordinary Orion update. This resulted in the exploitation of data, networks and systems of thousands of users.

This was a significant attack, as it turned the Orion software into a weapon that could gain access to several government and private systems worldwide. The damage was so significant that the hack became a catalyst for mass changes in the cybersecurity industry.

Companies learnt that merely building a firewall to protect information is not enough. Instead, they must search for vulnerabilities in their own systems and either shore them up or turn them into traps.

The importance of crisis management

Of course, there is no surefire way of preventing data breaches. While cybersecurity is improving, so are attacks. Attempts made by hackers are becoming more sophisticated by the day, placing greater importance on how companies handle the fallout, as in the case of MOVEit.

MOVEit is a managed file transfer software product that encrypts files and provides automation services, analytics and failover solutions. It is popular within the healthcare, IT, government and financial service industries.

But in May 2023, a vulnerability was found in the software that enabled hackers to steal files from organisations via public-facing servers.

It was estimated that almost 100,000 employees, current and past, were impacted by the breach. The calculated total number of organisations affected reached 2500, with more than 80% being US-based.

But despite the scale of the breach, MOVEit was credited for handling it well: patches were provided quickly, along with continuous, informative advice that improved the prospects of a rapid recovery.

Australia’s port operator incident

DP World manages almost half of the goods that flow in and out of Australia, and in November it was attacked by hackers. The breach halted movement at the container terminals in Melbourne, Sydney, Brisbane and Western Australia’s Fremantle, the country’s busiest ports for trade, and halted 40% of the nation’s maritime freight.

The incident came as the operator has been embroiled in an ongoing labour dispute with dockworkers and other port workers supported by the Maritime Union of Australia. The dispute concerns wages and working conditions.

While the fallout is drawing scrutiny from international trade bodies, Australia has now created a new cybersecurity strategy of international alignment and coordination in order to counter cyber threats.