Though the logistics and transport segment is ubiquitous and a several trillion-dollar market globally, the industry is extremely unorganized at the macro-level, contending with massive fragmentation, siloed operations, visibility woes, and substantial political and regulatory intervention. This chaos leads to inefficiency within supply chains and sets the stage for a variety of cyber threats like impersonation and opportunistic attacks, with stakeholders losing millions of dollars during the ordeal.
Mimecast, a cyber resilience company, published a threat intelligence report that highlighted the sophistication behind the attacks on supply chains and sought to quell those risks by keeping stakeholders informed about future trends based on threat actors’ current behavior, events and technology. FreightWaves spoke with Carl Wearn, head of e-crime at Mimecast, to understand the implications of such cyber threats on supply chains.
“Cyber threats are mainly opportunistic attacks. The transport industry is going to be targeted heavily due to third-party risks that are a bigger part of supply chains than in other businesses and also because state-sponsored actors want to degrade the transport systems of their rival states,” said Wearn.
Opportunistic attacks are when hackers spot vulnerabilities in a system’s defenses and exploit that to gain control. Malware and ransomware programs are a common occurrence in the transport industry, like in the case of NotPetya cyberattack that paralyzed container line Maersk by wiping out data from 4,000 servers and 45,000 workstations.
Mimecast’s numbers show that the transport, storage and delivery sector was subject to the maximum normalized opportunistic attack threat volume in the third quarter of 2019, accounting for 9% of the total attacks registered.
“The transport sector is something that virtually every business accesses at some point. Attackers are going to be looking at a weak link in any supply chain – whether that’s suppliers or vendors – and are going to attack that link to compromise and gain access to the enterprise,” Wearn explained.
Apart from opportunistic attacks, companies also witness impersonation attacks, a tactic used by threat actors to infiltrate domains, websites, mobile applications, and social media profiles to con organizations into transferring money, compromising sensitive data and/or installing malware.
Wearn explained that for companies to protect themselves from such attacks, it is essential to work with a cyber resilience solution, which can help secure their brand, domain and also securely archive their data.
Nonetheless, human error accounts for about 90% of all breaches. “The key to securing a network is to create awareness and training for employees, making sure they realize the kind of phishing attacks that are out there and what they entail,” said Wearn. “A lot of attacks that take place were identified to have happened over vulnerable Windows and Mac systems that were outdated.”
For critical information like invoices or instructions coming down from senior executives in the company, it makes sense for employees to verify decisions by means other than just email. Wearn pointed out that people might be far too trusting of mediums like email, which can be exploited by threat actors to gain access to the system. To avoid complications, it is beneficial to cross-verify critical instructions via a face-to-face meeting or a phone conversation.