Why building cybersecurity into the supply chain is imperative
- April 17, 2018
Global shipping and logistics businesses are fighting a new kind of war against espionage, theft and ransom: cyberattacks.
The global logistics supply chain is managed with diverse technologies in an environment laden with round-the-clock digital transactions – all of which are exploitable. Ensuring the operability of IT networks and protecting data is essential, as is training employees to identify and respond to socially engineered cyber threats like whaling, phishing and man-in-the-middle schemes. Improving cybersecurity will mitigate risk.
“As industries in the supply chain move towards digitized, and possibly decentralized, records, the need for high-level security protocols increases,” says Darek Dabbs, chief technology officer of Sera-Brynn LLC, a cyber risk management firm based in Suffolk.
Cyberattacks on the supply chain often have disproportionate impact.
In risk analysis, risk is a multiple of the likelihood of the attack and the impact. In a supply chain scenario, the impact is felt both internally and externally. For example, if a maritime shipping enterprise is attacked, the impacted internal units could include container-shipping lines, port and tugboat operations, oil and gas production, drilling services and oil tankers. Externally, those impacted could include manufacturers, freight forwarders, port and terminal operators, distribution centers, retailers and customers.
Recent cyberattacks have targeted the shipping and logistics industry. In May 2017, the WannaCry virus spread throughout some 150 countries, locking users out of computers and demanding ransom. FedEx was one company impacted. Unfortunately for FedEx, a month later, the Petya cyberattack struck its TNT Express unit, causing another major service disruption. Following the cyberattack, Reuters stated FedEx reported lost revenue due to decreased shipping volumes and incurred costs due to the implementation of contingency plans and remediation.
The Petya virus crippled thousands of computers in the worldwide shipping and logistics industry. Also among those struck was A.P. Moller-Maersk, the world’s largest container-shipping line. On its corporate website, Maersk reports on how the attack brought down its network and how its IT staff safely restored thousands of servers, 50,000 employee computers and all business applications.
The adverse impact of these 2017 cyberattacks on global supply chain logistics is still being studied. Past reports on port labor dispute lockouts are illustrative of how a major port shutdown of any kind can cause operational loss reaching into the billions of dollars. A Cognizant whitepaper details the fallout of an 11-day shutdown of West Coast ports in 2002. As the holiday shopping season approached, due to the shutdown retail buyers raced to prioritize shipments to be flown in or re-routed to other ports. Stores experienced low inventory and out-of-stocks, and holiday orders were delayed or canceled. The disruption caused financial losses, collectively in the billions of dollars, to retailers, offshore suppliers and factories.
Cyberattacks are equally costly. The FBI has referenced Petya as the most destructive and costly cyberattack in history. The risk experts from Lloyd’s of London further estimate that an extreme cyberattack could be as costly as damage from Hurricane Sandy ($50-70 billion).
The supply chain of the future
New technologies emerging in supply chain management range from methods to digitize and manage records to the development of autonomous mobile robots in warehouses. Amazon is presently testing drone delivery systems in multiple international locations. The technologies are exciting. However, as with any remote or autonomous system, a cyberattack using ransomware would shut down the service. The more digitized the supply chain becomes, the more important it is for strong cybersecurity practices to ensure vulnerabilities are not easily exploitable.
Compliance is your best firewall
As a result of continuous and significant cyber intrusions affecting the Department of Defense (DoD) and its interests, the DoD now requires that contractors implement a strong cybersecurity program. This has been implemented by mandating compliance with the cybersecurity standard NIST SP 800-171. Compliance with NIST SP 800-171 includes the implementation of 110 security controls, ranging from authentication and configuration management, physical and personnel security to training.
An example of one of the controls is requiring multifactor authentication (MFA) for access to networks with sensitive data. MFA means that you can no longer use just a password but must have an additional method to identify yourself, such as a token or even an iris scan. Notably, the DoD regulation (DFARS 252.204-7012) requires that companies secure their supply chain. The concept – one that has been proven over and over again – is that cybersecurity must encompass third-party vendors, customers and other related business entities.
Sera-Brynn has responded to several significant cyber incidents over the past 24 months and has determined that in every case if the company had been compliant with NIST SP 800-171, the breach would have been prevented or the damage would have been greatly reduced. This is why we say compliance is your best firewall.
Colin Glover is a senior cyber analyst at Sera-Brynn, a global cybersecurity audit and advisory firm located in Suffolk. Colleen H. Johnson is the senior cyber legal analyst at Sera-Brynn and can be reached at firstname.lastname@example.org.