Cyberattacks on Supply Chains Continue to Rise

By Logan Wamsley

Supply chains around the world, in addition to the delays and shortages, caused by COVID-19, have had another risk emerge in 2021: cyberattacks.

This year supply chains have been the new favorite targets for hacking groups and bad actors. According to a recent report from the The European Union Cybersecurity Agency (ENISA), supply chain attacks may increase by four-fold for the remainder of the year. This continues a trend that stretches back to 2020, when all four of the largest global maritime shipping companies reported being the victim of cyberattacks.

Some of the attacks advertised by hackers on the dark web have been astounding. August 2021, one individual well-known for ransomware use claimed access to corporate networks of a U.S.-based transportation management and trucking software supplier, as well as a U.S.-based commodity transportation services company. July 2021, a group of hackers claimed they had gained access to a network owned by a Japanese container transportation and shipping company. In September, another known ransomware assailant advertised that it has gained access to hundreds of companies, including a U.K.-based logistics company.

According to Eva Velasquez, President and CEO of the ITRC, said 2021 is just 238 breaches away from tying the record for a single year. “It’s also interesting to note that the 1,111 data breaches that the amount and quality of data being exfiltrated by hackers from cyber-attacks,” she says. “So far, this year exceeds the total number of data compromises from all causes in 2020.”

What makes the supply chain such an enticing target is its sheer breadth which can be tied to every facet of an organization, its vulnerability due to years of budget constraints and a lack of cybersecurity updates and COVID-19 issues, and its potential for devastation — which in turn leads to a greater chance of ransom payouts.

Moving forward in this environment requires companies to make serious consideration home how to best improve both cybersecurity awareness and the cybersecurity technology. This includes investments into hybrid cloud systems, artificial intelligence, Edge computing, and 5G, but it also includes measures that can decrease reliance on a just-in-time inventory model. The less reliant a company can be on a continual supply chain, the less the supply chain has to extend, which in turns minimizes vulnerabilities.