Supply chain problems today seem endless, from chip shortages to port congestion to ships running aground. In response, carriers and shippers are accelerating the pace of digital transformation and connecting every aspect of the supply chain. And that, in turn, is creating new security challenges that hackers are readily taking advantage of.
Supply chains are appealing to the cybercriminal community because of the opportunity for wide-scale fraud. Successful attacks are on the uptick, with well-known examples including the NotPetya ransomware attack on Maersk, which resulted in closing down ports and spending over $300m to restore its systems. In addition, this had a significant impact on Maersk's reputation. Suspected nation-state-backed hackers recently targeted the Port of Houston; however, the attack was thwarted before major disruption occurred.
With the spotlight on the supply chain ecosystem, bad actors are looking for ways to exploit the uncertainty. And as the shipping industry becomes more digitized and connected, organizations rely increasingly on technology for tracking and monitoring. This presents a vast footprint for cybercriminals to exploit. As a result, carriers and shippers need to urgently shore up their defenses before a breach occurs.
The concern with cyberattacks on the shipping industry is that the implications extend beyond digital systems to the physical world. The Maersk ransomware attack didn't just affect its systems; it resulted in ports being closed, impacting the entire supply chain ecosystem. The potential knock-on risks from a successful cyber attack are vast, from port equipment failures, resulting in safety concerns, to autonomous ships taken over by rogue actors. Organizations must take into account the potential for significant liability and safety issues that can occur from a breach.
Here are five steps that help prevent the likelihood of a successful cyberattack.
Conduct disaster-recovery planning spanning physical and digital systems. With the risk exposure from a cyber breach spanning the digital and physical worlds, disaster planning must account for this. Therefore, in addition to digital recovery initiatives, it's vital to plan how to handle the potential operational impact. Training must incorporate onshore and at-sea elements to prepare for every conceivable scenario, however unlikely it may seem.
Practice zero-trust at all times. As digitization expands, the security perimeter no longer exists. Therefore, the strategy of relying solely on a firewall needs to be retired. All systems across the ecosystem require authenticated access, which is a challenge for organizations that have been grappling with remote or hybrid workforces. A zero-trust mindset is vital when you swap out workers for ships, trains or trucks.
Realize that security is everybody’s problem. In addition to looking at their own security posture, organizations need to evaluate the security of the entire software supply chain. NIST's Cyber Supply Chain Risk Management (C-SCRM) provides a blueprint for how organizations can undertake a review of supplier’s software.
Double down on security fundamentals. Security basics such as endpoint detection to authentication are still critical. Often, fundamentals like passwords are the weak link that cybercriminals take advantage of. The Colonial Pipeline attack resulted from an ineffective password policy that failed to consider security best practices and NIST recommendations. Simple steps such as making multi-factor authentication mandatory and screening for compromised credentials must be adhered to. In addition, organizations need to prioritize software updates and security patches without delay. Otherwise they’re laying out the red carpet for bad actors to exploit.
Invest in ongoing employee training. As the cyber landscape continues to evolve and bad actors deploy increasingly more sophisticated approaches, employees must receive regular training. This ensures that they’re up to speed on the latest arsenal of tactics, so they don't accidentally help cybercriminals in their quest to gain access. The cost-benefit analysis of failing to invest in training makes this an easy decision.
As the shipping industry grapples with ongoing disruption and uncertainty, it can't ignore the growing risk from cyberattacks. With smart shipping on the rise, the potential for chaos to ensue from a successful breach continues to escalate. The entire supply chain ecosystem must shore up its defenses, or run the risk of letting cybercriminals sail in and take over.
Mike Wilson is founder and chief technology officer at Enzoic.