In the past few years, many high-profile cyber security breaches have affected large supply chains. Target saw 110 million people’s personal information stolen by a refrigeration contractor. Meanwhile, 600 million Samsung phones were found to have a major security issue. And in June of 2017, a seemingly innocuous Ukrainian tax software attacked multiple European businesses.
With so many major hacks and cyber security issues, this is an important time to start incorporating cyber security measures within your supply chain optimization plan. Here, we’ll describe the recent European IT breach and then explain how a similar attack could affect your supply chain at any time.
The Petya Security Breach Explained
Cyber security experts dubbed the European cyber attack "Petya". This attack was particularly insidious because it manipulated weaknesses in computer systems to travel quickly through the Ukraine, Russia, Europe, and even into the United States. Like many other recent attacks, Petya was a ransom ware attack, or a kind of attack that locks files or computer systems and requires their owners to pay a fee before they can unlock the files or system again.
Petya affected over 100 companies and institutions. Some of the victims of the attack included Merck, a pharmaceutical company, and PAO Rosneft, a Russian oil firm. Most of the companies were instructed to pay a $300 ransom in Bitcoin before their files and servers would be re-released to them.
The attack has become such a problem because experts are having difficulty discovering where it originated. Their proposed source, a Kiev-based software company called Intellekt Servis, said it was a victim of the virus, not its creator. The company says that Intellekt’s latest software release on June 22 contained no virus. Experts suggest that this is not the case, however. After its release, the software spread to corporate networks, according to Cisco Systems and Kaspersky Lab security management.
You’re Not Exempt
Cyber attacks like Petya are a problem for American supply chains because they spread indiscriminately. If a user connected to your network gets infected with ransom ware or other types of viruses, they can easily spread to your network if anyone at your company clicks on an infected link or download. Most of the time, ransom ware spreads by sending out installation files masquerading a specific look like official software updates.
What Does This Mean For Your Supply Chain?
1. No matter where the hack derives, your reputation will be affected
Internal security or lack of compliance to security protocols could explode into a major problem if hackers exploit this vulnerability. For example, if you don’t have the proper security protocols in place for your employees to work remotely, then you might find the situation of an employee taking a laptop that shouldn’t leave headquarters results in a major IT hack.
Unfortunately, customers and partners are not interested in how your supply chain was hacked. Instead, they are only interested in the fact that your security could not prevent a cyber security breach. And this perception diminishes your reputation, no matter the cause.
2. One click from an employee could introduce a vulnerability to your entire supply chain
Educate your employees about cyber security as part of your supply chain optimization plan. They should be extremely cautious when clicking links or opening attachments. Remember, it is nearly impossible to download a virus onto your network without clicking on something malicious; however, once one person downloads a virus, it can easily spread across your entire network.
3. Third party vendors need to be as secure as your main headquarters
Third party vendors can also spread viruses to your supply chain, so if you don’t think about how your vendors can affect your cyber security, you should think again. Outside vendors can, either on purpose or through a vulnerability in their firewall, introduce security threats to your network. If they want to exploit you, too, some hackers will consider your business partners first. As part of your supply chain optimization plan, research your third-party vendors’ security procedures.
With the emergence of new and increasingly sophisticated attacks, you need to be constantly vigilant in updating your supply chain’s security protocol so that it responds to commonplace threats in the modern workplace. Boost your security today to avoid an attack tomorrow.
About Michael Wilson
Michael Wilson is AFFLINK'S Vice President of Marketing and Communications. He has been with the organization since 2005 and provides strategic leadership for the entire supply chain team. In his free time, Michael enjoys working with the Wounded Warrior Project, fishing, and improving his cooking skills.