
ICAT Blog: Article Protecting Your Supply Chain from Cyberattacks

April 19, 2023

Technology has greatly advanced over the past decade. That equates to more advanced threats.

As supply chains continue to expand in the digital world, cybercriminals and cyberattacks will become more commonplace. If that’s not scary to imagine, consider this statistic: attacks originating from the supply chain increased by 62% in 2022.

So, if these “attacks” are such a problem, how can you be prepared and protect yourself from cyberthieves?

What are cyberattacks and why are supply chains a target for them?

A cyberattack is an unwelcome attempt to steal, expose, alter, disable, or destroy information through unauthorized access to computer systems or networks. A “supply chain attack” is one in which someone uses an outside provider or partner that has access to your data and systems to infiltrate your digital infrastructure. The attacker gets in through a party you already trust, which is why supply chain attacks are so appealing.

Some of the responsibility falls on businesses themselves: nearly half of all organizations don’t require security standards for their suppliers or outside vendors, and one-third do not regularly monitor or perform a risk assessment of their suppliers’ cybersecurity procedures. Cybercriminals see these gaps as HUGE opportunities and capitalize on them.

What are the different types of supply chain attacks?

  • Upstream server attack – This is the most common type of cyberattack, where a malicious actor infects a system that is “upstream” of users (for example, with a malicious update), which then infects all the users “downstream” who download it. This is notably what occurred in the SolarWinds supply chain attack in 2020.
  • Midstream attack – This attack targets intermediary elements, such as software development tools. These include ransomware (or malware attacks) that encrypt the victim’s data and prevent access until a ransom payment is made. This recently happened and shut down Colonial Pipeline, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York harbor.
  • Dependency confusion attack – Exploits private, internally created software dependencies by registering a dependency with the same name but with a higher version number on a public repository. The false dependency is then likely to be pulled into the software build instead of the correct dependency.
  • Stolen SSL and code-signing certificate attack – Compromises the private keys used to authenticate users of secure websites and cloud services. This is what recently happened to Okta, where there was a breach of its GitHub repositories.
  • CI/CD infrastructure attack – Introduces malware into the development automation infrastructure.
  • Open-source software attack – Introduces code into builds that propagate downstream to those who use the build.
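
The dependency confusion item above can be checked for from the defender's side. The following is an added example, not code from the original article: a simplified model of a resolver that takes the highest version from any registry, next to one that restricts internal names to the private registry. All package names, versions and registry labels are constructed and hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Candidate:
    name: str
    version: tuple   # e.g. (1, 4, 0)
    registry: str    # "private" or "public" (hypothetical labels)

def resolve_naive(name, candidates):
    """Highest version wins across every registry: the behaviour
    a dependency confusion attack relies on."""
    matches = [c for c in candidates if c.name == name]
    return max(matches, key=lambda c: c.version) if matches else None

def resolve_pinned(name, candidates, internal_names):
    """Internal names may only resolve from the private registry,
    whatever versions exist elsewhere."""
    matches = [c for c in candidates if c.name == name]
    if name in internal_names:
        matches = [c for c in matches if c.registry == "private"]
    return max(matches, key=lambda c: c.version) if matches else None

def audit(internal_names, candidates):
    """Return (name, version) for each internal name that a naive
    resolver would take from outside the private registry."""
    flagged = []
    for name in sorted(internal_names):
        chosen = resolve_naive(name, candidates)
        if chosen is not None and chosen.registry != "private":
            flagged.append((name, chosen.version))
    return flagged

# Constructed sample: two internal packages, one shadowed by a
# public package with the same name and a higher version number.
INTERNAL = {"acme-billing", "acme-auth"}
CANDIDATES = [
    Candidate("acme-billing", (1, 4, 0), "private"),
    Candidate("acme-billing", (99, 0, 0), "public"),
    Candidate("acme-auth", (2, 1, 0), "private"),
    Candidate("requests", (2, 31, 0), "public"),
]

if __name__ == "__main__":
    print("at risk:", audit(INTERNAL, CANDIDATES))
    print("pinned :", resolve_pinned("acme-billing", CANDIDATES, INTERNAL))
```

Real package managers differ in how they order registries, so treat this as a model of the risk; the audit idea carries over to any lockfile that records where each package was fetched from.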

How can you prevent and detect a supply chain attack?

Many companies are starting to realize just how important cybersecurity is and that supplier risk is one of their biggest challenges. Although these “attacks” will never be 100% preventable, there are some ways you can protect yourself and your business.

1. Create an internal threat detection and response team.

Put together a team consisting of your IT department and members from other major departments (e.g., Accounting, Marketing, Operations) to develop an incident response plan. This plan should be systematic and should provide for honest, transparent information to be shared with internal stakeholders, customers, and other potentially affected parties in a timely manner. When an incident occurs, the cause and the steps being taken to mitigate the problem should be disclosed.

2. Protect your internal systems.

Making sure your internal systems are protected against malicious software (malware) should be top of mind! Make sure you install firewalls and reputable virus-detection software. These will block malware access to your systems. The software that you use should have a strong security system with password protection, multi-factor authentication, and the ability for a user to take control. In addition, be sure to regularly back up your files and databases to protect your data from a cyberattack.

3. Set up and hold cybersecurity training for your employees.

All personnel should be trained on proper cybersecurity procedures and be aware of cyber interference and hacking attempts. Educate your employees on the dangers of opening suspicious emails, what to look for when a potentially harmful email is received, and how clicking on unknown URLs, links, or attachments can be detrimental to the company’s overall security.

Cybercriminals will often mirror email addresses and invoices and use text messaging to hack into mobile devices. It is imperative that you train your personnel not to download just anything, including unauthorized software or apps that could breach your security walls. If a message seems strange, do not click it!

4. Collaborate with your supply chain partners.

Oftentimes, cyberattacks come from partners within your supply chain network. You should always do your due diligence and ensure you’re working with reputable partners.

In the logistics industry, online platforms are shared and create potential vulnerabilities. Always remain cognizant. Even though you can’t control others’ security measures, you can choose to work with partners, like ICAT Logistics, that conduct regular security audits and possess external security certifications.
