Nearly 300 cybersecurity incidents impacted supply chain entities in 2019

Supply chains are already facing a potentially disastrous 2020 as all of the world’s countries work to stop the spread of COVID-19. But cybersecurity incidents are also a grave problem for companies across global supply chains as more enterprises adopt digitized management systems. A new report from supply chain company Resilience360 goes into detail about the cyberthreats facing supply chains in 2020 and the bevy of incidents that occurred throughout 2019. The study found that there were nearly 300 cybersecurity incidents impacting supply chain entities last year, with the most common attack coming in the form of company-crippling ransomware.

“As supply chains have become more digitized, companies have occasionally fallen short of ensuring that they have the necessary measures in place to deal with attacks by bad faith actors. We’ve seen manufacturers fall victim to ransomware attacks multiple times last year, meaning that networks were infiltrated by hackers who blocked system access and encrypted data until a ransom was paid to end the disruption,” said Shehrina Kamal, product director for Resilience360’s Risk Monitoring function.

“Cybersecurity incidents have actually continued to pose a serious threat to supply chain operations. September experienced the highest number of monthly reported alerts in 2019 and the success of these ventures only encourages more infiltration attempts.”

SEE: Ransomware: What IT pros need to know (free PDF) (TechRepublic)

The study found that last year, major companies in the automotive, technology, pharmaceutical, and chemicals industries were all impacted by ransomware, data breaches, and the activities of advanced persistent threat groups. Many of the attacks were designed to specifically take down technical infrastructure, such as industrial control systems, in addition to their more traditional targets in corporate IT networks. 

Two big ransomware attacks in 2019

The report lists two major ransomware attacks that had dramatic effects on production supply chains in 2019. 

The March 19 cyberattack on aluminum producer Norsk Hydro involved LockerGoga, a previously seen ransomware tool that “halted operations at the company’s corporate headquarters in Norway and impeded productivity in its extruded solutions division throughout Europe and North America.” 

“Analysts believe the attack marks a worrying trend, due to its international scope and direct impact on production and logistics assets,” the report added.

On June 7, there was another ransomware attack on Belgian aerospace supplier ASCO Industries that forced the company to shut down production lines at four different factories across North America and Europe. 

The attack was so damaging that the company furloughed nearly 1,000 employees temporarily and was out of operation for more than a month.

“Greater connectivity and digitalization are making manufacturing and supply chain operations more vulnerable to cyber-threats. Factories and logistics facilities can be caught in the crossfire of large-scale cyberattacks by criminals or state-sponsored groups, but they are also being targeted directly by a variety of actors,” the report said.

“As well as being forced to pay to regain access to their systems, victims of such attacks face additional losses from lost production or logistics disruption. In 2019, multiple companies suffered attacks from LockerGoga, a ransomware that targets industrial control systems. Victims included a French engineering company, a Swiss vehicle manufacturer, a Luxembourg pharmaceutical company, and a number of metals and chemicals players worldwide.”

Scott Luton, founder and CEO of Supply Chain Now Radio, noted that the implications of ransomware attacks are often more far-reaching than most companies realize. 

“When you think about things like expired inventory, reputational losses, brand losses, falling stock prices, and other considerations, the total cost of ransomware attacks is actually much higher than the actual ransom itself,” Luton said.

In a call discussing the report, Kamal explained that the most sophisticated attacks last year were from advanced persistent threats, or APT, groups, which she said are generally state-sponsored organizations with the skills, resources, and patience to conduct complicated, long-term incursions into corporate IT systems. 

“We saw evidence of their involvement in attacks on multinational automakers, chemical pharma companies and even an airline. In 2020, the growth of APT attacks combined with increasing digitization of supply chains looks increasingly likely to impact industries and their supply chains,” she said.

The report suggests that companies within supply chains need to kickstart efforts to better understand, assess, and mitigate cybersecurity risks, noting that it will take companywide efforts to protect enterprises from devastating, costly cyberattacks.

Companies now have no choice but to coordinate better and share information because an attack on one enterprise could put dozens of others at risk. As many of the supply chains seek to rebuild after the devastating coronavirus pandemic, cybersecurity should become a priority, the report said.

“The recent coronavirus outbreak has demonstrated that disruptive events can impact demand as well as supply.  It has also highlighted the divide between companies that are able to dynamically visualize and monitor supply chain risks and those that are unable to. The financial and reputational cost of not being able to predict and respond to supply chain risk is more apparent than ever,” said Tobias Larsson, chief executive of Resilience360.

“2019 proved once again that the supply chain risk environment is continually changing and evolving. Last year, companies were challenged by a dramatic escalation in trade tensions and by sophisticated and large-scale cyberattacks.”

Also see