You depend on your third-party supply chains to support your business — and in some cases, the nation’s critical assets rely on them. Cybercriminals know this, making your third-party supply chains prime targets for cyber attacks.

Cyber attacks on supply chains can cripple major daily-life operations and your business’s reputation — not to mention your stakeholders. With 50% of all supply chain disruptions caused by cyber attacks, it’s time to take action.

What Happens During a Cyber Attack on Supply Chains?

In today’s world, outsourcing is common practice because of its many benefits: cost-saving, access to specialized skill sets and resources, increased flexibility to meet demand, and more. Nearly every major business is likely part of a complex supply chain of third parties that depend on each other.

So, what happens during a cyber attack on supply chains? Attackers infiltrate your networks through an outside partner (your third-party supplier) with access to your systems and data. They then disable, disrupt, destroy, or control computer systems to alter, block, delete, manipulate or steal the data and hold it for ransom. According to IBM’s 2022 X-Force Threat Intelligence Index, ransomware is the most common type of cyberattack, accounting for 21% of incidents. 

With one part of your supply chain crippled by a cyber attack, the whole system will fail, and your business, customers, and stakeholders will suffer.

What is the Cost of Cyber Attacks on Supply Chains?

On average, the cost of cyber attacks on supply chains is $4.35 million per incident. For example, the Colonial Pipeline attack in May 2021 disrupted fuel and gasoline supplies to the southeastern region of the nation. The direct financial impact was the payment of a $4.4 million ransom, but indirect financial and socio-economic repercussions were far greater. 

Another example is the SolarWinds hack. Attackers gained access to computer systems in multiple U.S. government departments, including Treasury and Commerce, through SolarWinds’s application monitoring platform, Orion. Over 250 organizations and entities were compromised, costing those involved $12 million in remediation costs.

Read the Software Bill of Materials (SBOM) Consumer Use Cases whitepaper to learn more about the Colonial Pipeline and SolarWinds attacks.

Other costs to consider: 

  • Brand reputation and associated losses
  • Operational cost increase

What Are the Negative Effects of Cyber Supply Chain Attacks?

Supply chain attacks can disrupt your operation in both direct and indirect ways. These attacks can cause interruptions in your manufacturing facilities, power plants, and mining operations. Targets can be data centers with HVAC or physical access control systems, warehouse operations systems, or third-party support channels like facility management systems, inventory management systems, and managed service providers. Imagine trying to fill customer orders while your inventory management systems are non-operational or maintaining data center stability without effective cooling.

Indirect effects reach your organization through systems further along the chain. For example, lithium-ion batteries are critical to many portable tools, from medical devices to automobiles to battery storage facilities. But there are few mines for lithium. If a mine operation were shut down for even a short while, global supplies would feel the impact, and that shortage would trickle down to affect your ability to function normally.


5 Ways Companies Can Avoid Cyber Attacks on Supply Chains

1. Complete a thorough risk assessment.

Find where your vulnerabilities lie using software bills of materials (SBOMs) and hardware bills of materials (HBOMs). SBOMs will inform your risk and vulnerability management teams about which software is being used in your environment.

Software applications are composed of many different software libraries, and determining which of those libraries are used in your software is key to identifying the level of risk that software brings to your environment.

HBOMs, like SBOMs, identify components in the products you use that are not always easily discoverable. These components include firmware and hardware components like processors and communication chips. This level of scrutiny will help more effectively detect and manage risk in your environment.
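The risk assessment step above comes down to a concrete, repeatable check: read the bill of materials, find the components and their versions, and compare them against the advisories you track. The following script is an added example written for this article, not code from Fortress or from any SBOM tool; the CycloneDX-style SBOM and the advisory list are constructed here, and the advisory IDs are placeholders rather than real vulnerability identifiers. It covers both software libraries and a firmware component (the HBOM case), and it flags a component whose version is missing, since an SBOM entry you cannot assess is itself a risk finding.

```python
import json
import re
from typing import Dict, List, Tuple

# Constructed sample SBOM in CycloneDX-style JSON. Not a real product's SBOM.
# CycloneDX allows component types such as "library" and "firmware", which is
# how a single BOM can carry both software (SBOM) and hardware (HBOM) inventory.
SAMPLE_SBOM = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "components": [
    {"type": "library",  "name": "log-utils",    "version": "2.14.1"},
    {"type": "library",  "name": "http-client",  "version": "4.5.13"},
    {"type": "firmware", "name": "nic-firmware", "version": "1.2.0",
     "supplier": {"name": "ExampleChips"}},
    {"type": "library",  "name": "json-parse"}
  ]
}
"""

# Constructed advisory feed with placeholder IDs. In practice this comes from
# NVD, OSV or vendor advisories; "affected_below" is the first fixed version.
ADVISORIES = [
    {"id": "ADV-PLACEHOLDER-1", "name": "log-utils",    "affected_below": "2.15.0", "severity": "critical"},
    {"id": "ADV-PLACEHOLDER-2", "name": "nic-firmware", "affected_below": "1.3.0",  "severity": "high"},
    {"id": "ADV-PLACEHOLDER-3", "name": "http-client",  "affected_below": "4.5.0",  "severity": "medium"},
]


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '2.14.1' into (2, 14, 1). Only the leading digits of each dotted
    part count, so '1.2.0-rc1' compares as (1, 2, 0) instead of raising."""
    parts = []
    for p in v.split("."):
        m = re.match(r"\d+", p)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def load_components(sbom_json: str) -> List[Dict]:
    """Parse the BOM and return its component list, rejecting unknown formats."""
    bom = json.loads(sbom_json)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("unsupported BOM format: %r" % bom.get("bomFormat"))
    return bom.get("components", [])


def match_advisories(components: List[Dict], advisories: List[Dict]) -> List[Dict]:
    """Return one finding per (component, advisory) hit, plus one finding for
    every component that lacks a version and therefore cannot be assessed."""
    findings = []
    for c in components:
        name, version = c.get("name"), c.get("version")
        if not name or not version:
            findings.append({"component": name or "<unnamed>", "type": c.get("type"),
                             "severity": "unknown", "issue": "missing version; cannot assess"})
            continue
        for adv in advisories:
            if adv["name"] == name and parse_version(version) < parse_version(adv["affected_below"]):
                findings.append({"component": name, "version": version, "type": c.get("type"),
                                 "advisory": adv["id"], "severity": adv["severity"],
                                 "fixed_in": adv["affected_below"]})
    return findings


def summarize(findings: List[Dict]) -> Dict[str, int]:
    """Count findings by severity so the triage queue can be ordered."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f["severity"]] = counts.get(f["severity"], 0) + 1
    return counts


if __name__ == "__main__":
    results = match_advisories(load_components(SAMPLE_SBOM), ADVISORIES)
    for f in results:
        print(f)
    print(summarize(results))
```

Run against the constructed SBOM, the script reports the outdated logging library and the outdated NIC firmware, leaves the HTTP client alone because it is already past the fixed version, and flags the unversioned parser entry as a gap in the supplier's SBOM to chase down. Feeding it a real CycloneDX export and a real advisory feed gives your vulnerability management team the same list at scale.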

2. Educate employees.

Teach your employees what to look for in phishing emails or vishing calls and walk them through how to report a suspicious message to the appropriate SecOps team member.

3. Update software and devices.

Most tech suppliers consistently test their products for vulnerabilities and release patches or updates when they discover them. Employees using older versions of the technology are more susceptible to cyber attacks.

4. Create a third-party risk management program.

An enterprise-wide third-party risk management program will help monitor and manage all company interactions with external suppliers. Suppliers include both physical product vendors and services that you contract through a third party. This might include your cloud service providers, security service providers, and even your janitorial staff.

5. Create a remediation plan. 

When you partner with a risk management solution provider like Fortress, experts will walk you through creating a remediation plan, which might include discussing how you will communicate information about a breach, evaluating the risk of your third-party suppliers, identifying the suppliers your suppliers are using, and more.

Benefits to securing your supply chain include: 

  • Less frequent unexpected outages
  • More predictable production rates
  • Fewer costly cybersecurity incidents

You’ve Suffered a Cyber Attack. Now What?

If you have a remediation plan that includes restoring cloud backups of your data, you’re off to a good start. If not, here are a few steps to take.

  1. Activate your incident response plan (IRP). Notify key stakeholders as defined in your IRP and mobilize team members immediately.
  2. Assess the breadth of the attack. How much of your data is affected?
  3. Find where the threat is coming from to isolate it and stop the spread.
  4. Refer to your business continuity plan (BCP)/disaster recovery plan (DRP) for guidance on how to approach getting your data back online.
  5. Always perform a lessons-learned activity following an incident to ensure continuous improvement of your IRP, BCP, and DRP.

How Fortress Can Help

Cybercriminals are only getting more sophisticated, which means now is the time to lock down and secure your assets. The Fortress platform can assist with vulnerability management, third-party risk management, and product security analysis programs. Speak with an expert today.