The supply chain has faced a number of challenges in the past eighteen months, from drayage bottlenecks to container shortages to lockdowns and short staffing. While shippers, carriers, and warehousers scrambled to shore up operations, another threat lingered behind the scenes: Cyberattacks.
In the past, we’ve discussed why supply chain companies need to take transportation cybersecurity seriously. That hasn’t changed — in fact, cyberattacks are up by almost 150% between January 2020 and November 2021. Is your company prepared? What can you do right now to amp up your cyber security?
The State of cybersecurity in 2021 and beyond
Our increasingly digital supply chain is more vulnerable than ever to attacks. Hackers use a number of evolving techniques and technologies to access sensitive data and privileges or take over digital systems entirely. Globally, companies spend billions of dollars every year reclaiming their property from online criminals.
According to Cybercrime in a Pandemic World, a report issued by McAfee and FireEye, 91% of global organizations experienced increased cyber threats, and 79% experienced downtime due to cyber incidents during the pandemic. To make matters worse, attacks tend to trend upward during the holiday season when sales activity increases.
Recently, new cybersecurity rules have been established by the federal government in an effort to protect the movement of vital goods. This move comes in the wake of a number of serious and high profile ransomware attacks:
- Attacks on the Colonial Pipeline lead to serious concerns of a gas shortage. Colonial paid a $4.4 million ransom to regain control of their systems
- The New York transit agency’s computer systems were hacked, leading to a major MTA disruption
- Hacks of Kaseya, a software company, impacted operations at many as 1,500 small businesses
Legal guidelines are helpful, but it’s the responsibility of each company to protect its operations from a cyber attack. But where do you start?
Cyberattack prevention measures
Protecting your data and adhering to cybersecurity best practices can prevent a costly breach before it starts.
Protect yourself and your customers by bolstering your defenses against illegal activity now. Here are some steps you can take:
Conduct a risk assessment — Perform regular status checks on your own cybersecurity and the cybersecurity practices of your vendors and suppliers, with a special focus on vulnerabilities. That involves doing a point-by-point analysis of any potential gaps and penetration risks, from IoT devices to software systems to third-party vendor plug-ins.
Analyze third-party risk – Your firewall protections may be airtight, but a gap in a connected software system can spell trouble regardless. It’s vital that you also understand how completely your vendors and suppliers adhere to supply chain security. Submit regular cybersecurity surveys to vendor partners to make sure that their digital safety protocols are up to date and thorough enough to meet your industry’s standards.
Implement least privileged access — Hackers rely on human error to access passwords and evade robust software protections. Avoid giving too many employees authorized access to sensitive information, and use data siloing and network segmentation to limit the scope of a data breach when it occurs. Also, perform regular authorization audits to eliminate access privileges for lapsed or outdated third-party client relationships (a surprisingly easy entry point for hackers).
Adopt cybersecurity best practices — Each industry has its own unique cybersecurity needs. In addition to overall best practices for regular penetration testing, software firewalls, and data practices, look for best practices that are specific to your industry. Different supply chain companies will use different software plugins and IoT devices, each of which come with their own unique vulnerabilities.
Build cybersecurity awareness — Email phishing remains one of the most common hacking methods used by cybercriminals. It’s much easier to trick an employee with a cleverly worded email than it is to trick software. Provide cybersecurity awareness training for all employees — including warehouse staff, drivers, technicians, and other “analog” workers — with special updates for holiday phishing emails and texts.
Prepare for incident response — Develop an incident response plan that can help you get out of a pinch in minutes rather than hours. Go through exercises of what happens when an attack occurs to streamline your process. In these situations, time really is money.
What if prevention doesn’t work — do you pay?
While prevention is the best way to avoid a cyberattack, it can still happen. So… then what?
The answer is a tough one to swallow. During a cyber attack, you may be asked for millions of dollars to regain access to your systems or data — and you may not even get everything back. Many cybersecurity authorities don’t support paying the ransom, including law enforcement. However, many companies comply in order to regain control quickly and minimize losses.
The question of what to do is often murky, and there’s usually no quick and easy fix. Ideally, you will have an emergency action plan that will mitigate the scope of the data lost or systems overtaken. However, on average only 65% of data is recovered after a breach, and only 8% of organizations manage to recover all data. Recovering data may take several weeks, especially if large amounts have been encrypted.
For many companies, it may be easier and even cheaper to pay a ransom than to recover data from a backup, but it will only encourage more ransomware attacks in the future. Also, there’s no guarantee that the hackers will delete stolen data, and they may sell or disclose it later if it’s valuable.
In short, there’s no great solution available in the aftermath of a cyber attack. If you suspect that your systems have been penetrated, it’s wise to consult with a cybersecurity expert for guidance on the next steps.
While prevention is the best option, it always pays to be prepared for anything and have an understanding of your vendors’ networks and security in addition to your own.
Part of being prepared is choosing the right partnerships to ensure robust cybersecurity at all plug-ins. At the port, you want a 3PL that takes cybersecurity seriously. At GlobeCon, we use advanced technology to streamline our services, and back our teams with industry-best cybersecurity practices to protect our partners. We take care of your shipments from the port to your customer’s front door and protect your data throughout the fulfillment process.