Scared about supply chain cybersecurity? 5 reasons you aren’t scared enough- Part 1

Many organisations and supply chain experts are concerned about cyber security. The risks stemming from supply chain cyber threats are real. In fact, the danger is more frightening and potentially harmful than we realise. Here’s why.

Assessing cyber supply chain security vulnerabilities

Experts on cybersecurity and supply chain management (SCM) like to draw attention to the fact that operating systems are only as strong as their “weakest link.” The “weakest link” argument is evoked with good reason when discussing risk management, says Katherine Barrios, chief marketing officer at Xeneta.

It does not matter how strong your network security is — if there is fragility within it, that’s all that matters, that’s all it takes. Whether the vulnerability stems from poor internal security control or external danger, a compromised link can put the entire global supply chain at risk.

The vulnerability of the supply chain in the midst of the biggest cyber security breach to hit the shipping industry – the breach on Danish maritime giant AP Moller-Maersk’s information technology systems in June 2017- is nerve-racking to say the least. The breach is still causing the international shipping industry to reel.

From one ransomware attack (a variant of “Petya,” originating from a malicious Ukrainian software update, plus phishing emails), near catastrophic failure of global supply chain systems resulted. Terminals in the ports of New York, New Jersey, Miami, Los Angeles and Rotterdam were closed. Terminals operated by Maersk Line, such as the Jawaharlal Nehru Port Trust near Mumbai, India’s biggest container port, couldn’t load or unload because they were unable to track the origins of shipments.

The Port of Gothenburg and many other ports reverted to manual processing for several hours. A freeze on deliveries at the South Florida Container Terminal caused retailers’ orders (including some critical goods) to be delayed.

The backlog of containers continues. Reputational impact on Maersk is high. The financial loss from disrupted production and deliveries of goods to customers in several countries for many companies is too costly to enumerate at this point.

Given that 90% of world trade is transported by sea (Maersk runs close to 600 container vessels and 25% of containers shipped to and from Asia and Europe) (Jacob Gronholt-Pedersen, “Maersk says global IT breakdown caused by cyber attackReuters.com), the impact from such a digital disruption in the communication systems of an increasingly interdependent and complex supply chain is far-reaching. Reuters, “Global shipping giant Maersk is reeling from the ransomware fallout,” Fortune.

“Not to overstate it, but there’s a lot of truth to the idea that networked models of security ‘are only as strong as the weakest link,’” writes Paul Martyn, “Risky business: Cybersecurity and supply chain management,” Forbes. “And because big business will continue to outsource and pursue new markets of customers and supply, the scope of the problem is exploding.”

In almost every industry, companies are more dependent than ever upon suppliers, intermediaries, cloud- based communication systems, third-party service providers and vendors in the supply chain network. “The demand for constant online communication creates enormous opportunities for hackers to exploit weak vendor security practices as a point of entry into their ultimate target,” added Steve Bridges, senior vice president of JLT Speciality, an insurance brokerage firm focusing on cyber insurance (Martyn, “Risky Business.”).

It was through one of Target’s vendors – a HVAC company –that a hacker was able to infiltrate the system causing “the nightmare before Christmas” for the retailer and its customers (stolen credit card and debit card information of up to 70 million people) in 2013 (Maggie McGrath, “Target data breach spilled info on as many as 70 million customers,” Forbes.)

The role and risk of vendors in security lapses in the supply chain were further highlighted by the recent data breach at Verizon, the US’s largest wireless communications carrier. Verizon had been employing Israeli-based telephonic software and data firm, NICE Systems to carry out customer service analytics. The incident was discovered in late June 2017.

Katherine Barrios

An employee from NICE Systems had left the data of millions of customers exposed on an unsecured Amazon server for the previous six months. (Todd Haselton, “Verizon responds to breach that affected millions of customer accounts,” CNBC.)

Both buyer and vendor face potential disaster in the supply chain ecosystem. A weighty burden has been placed on buyers to ensure extreme thresholds of security from all vendor partners. In turn, vendors are at constant risk of legal liability from customers should a security problem be traceable to them. (Martyn, “Risky Business.”)

Part 2 continues tomorrow….

The author of this blog is Katherine Barrios, chief marketing officer at Xeneta

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

RECENT ARTICLES

Semtech enhances global connectivity with NTN support in HL78 modules

Posted on: March 29, 2024

Semtech Corporation has announced the integration of non-terrestrial network (NTN) support into its HL series LPWA modules, specifically the HL7810 and HL7812. This significant advancement showcases a leap forward in enabling uninterrupted global connectivity even amidst the most challenging conditions.

Read more

Enhance EV charging performance with cellular connectivity

Posted on: March 28, 2024

Electric vehicles (EVs) are steadily growing their market share at the expense of internal combustion engine vehicles. The growth is fuelled by several factors. Perhaps most importantly, prices for EVs have started to drop as competition in the industry is intensifying. New players and models are emerging, prompting several established EV makers to lower their

Read more
FEATURED IoT STORIES

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more