Ransomware and the supply chain

Issue 7 2021 Logistics (Industry)

Criminal syndicates have put the world on notice, with an increasing number of sophisticated attacks highlighting the need for a robust cybersecurity strategy. The almost daily headline-grabbing attacks are not unique to South Africa, they are happening around the world at an alarming pace. Their new hack of choice won’t surprise anyone who’s been paying attention – ransomware is taking the world by storm, almost no business or institution is safe and this should be a much-needed wake-up call for businesses and the government.

It’s no surprise that these attacks are gaining pace with a risk-reward ratio tipped incredibly in the hackers’ favour. Estimates show hackers received $412 million in ransom payments last year. While awareness is certainly improving, there is a worrying trend that represents a significant threat to South Africa, just like in other regions around the world.

Ransomware attacks are now targeting supply chains, creating nearly inevitable threats for governments, municipalities, hospitals and businesses across the globe. As we know, South Africa can ill-afford extended breakages or blockages in the supply chain, the recent logistics disruptions severely hurt certain regions in KwaZulu-Natal and Gauteng, which if extended much longer would have had serious consequences for more regions.

Veeam Africa team lead, systems engineer, Ian Engelbrecht, says in South Africa and other regions of the continent, security is ahead of function and location in the pecking order of considerations. He says: “Organisations have a pressing need to secure themselves as the long-term consequences of failing to do so are devastating. Here, managing and upgrading infrastructure is vitally important, as is building a careful strategy to manage legacy applications and the risks inherent in them.”

With a global uptick in ransomware attacks targeting supply chains, organisations must implement stronger, layered security strategies to protect against lurking vulnerabilities. Cybercriminals have become much less methodical when launching attacks against organisations, often casting their nets with no specific target in mind, just to see what they can find. As a result, many of the hits against the supply chain are ‘accidental’ – third-party collateral due to unsecured back doors uncovered by attackers. Whether the supply chain was the initial target of the attack, or became the attack vector as an opportunistic hit, the approach to ransomware protection is only as effective as all of its ingredients. That means effective supplier collaboration and transparency, robust data backup and improved security maintenance.

The supply chain’s ripple effects

Supply chains are incredibly complex webs of trading partners, commerce transactions, logistics and more. This complexity is compounded by the fact that there are tier-two and three suppliers within your own supply chain that you may not even know exist, but could still impact your business if they are the target of a ransomware attack. You may not be the target, but you can still be a victim as their breach extends to their trading partners.

In light of this, it’s absolutely fair game – and smart business practice – to ask your suppliers how they are improving security measures and protecting against ransomware attacks. Now is the time to ask about quality standards, security practices, abilities to understand data protection/the transparency into their dependencies and what you could be potentially exposed to based on their business activities. A thorough approach to supply chain management takes into consideration that you’re only as secure as your least secure trading partner or supplier. You can do everything perfectly in terms of your own security measures, but one supplier’s lapse in security can spoil the bunch. It’s within your rights as a business to ask this of your suppliers.

Don’t skimp on data backup

Any good business leader knows there are areas and departments where you can safely cut costs without significant risk and other places to double down when it means protecting your business. Data backup and recovery is one such area where no business should cut costs or corners, especially with the rise in ransomware. While a robust backup and recovery strategy won’t alone keep you safe from ransomware attacks, it will put businesses in a much better position when the inevitable does occur – leaving hackers left with less options when you’re able to recover critical data quickly on your own.

It’s not just about implementing the right data solutions though, but also about maintaining and consistently testing them. It’s critical to consistently test your backups in advance of an attack – because it won’t do you any good after the fact. One way to do this is to think like the hackers. There are many different ways to simulate attacks, including hiring professional, ethical hackers who can purposely look at and target your vulnerabilities to find out where you’re most at risk, but with no real-world danger of data theft or loss. If you can’t hire these simulation actors, it’s important to test your backup and recovery solutions frequently and thoroughly on your own as often as you can to find and resolve risks.

Review and enhance your security standards and best practices

It’s no secret the Covid-19 pandemic led to an increased state of urgency for enterprise security, overnight people were thrust into work-from-home scenarios, with little-to-no time for IT departments to prepare. And when you move fast there’s a lot of potential for mistakes. From a security perspective, the cloud is still new for many organisations, especially those that moved to the cloud hastily or in a rush out of necessity.

For all organisations, regardless of their IT department’s cloud sophistication, it’s a best practice to revisit all protocols that were adopted as part of the initial cloud migration to ensure they’re secure, hardened and cost-effective. Especially as security and hyperscaler cloud settings can change at a moment’s notice (options, etc.), there’s a need to continually monitor, evaluate and implement the latest security standards. It’s on IT to identify exposures and vulnerabilities and surface them up to management to secure C-suite support and budget.

Hackers continue to get more sophisticated, with new trends like ransomware-as-a-service (RaaS), a consumer-driven offering that multiplies the volume of attackers by lowering the technical skill required to launch a ransomware attack. Like a game of chess, as your opponent (hackers) evolve, so does your defence strategy need to evolve. To prepare, organisations need to follow the right recipe of supply chain transparency, data backup and security maintenance and testing. Failure to do so could result in your business getting its 15 minutes of fame as the next victim of ransomware.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

SA fleets face internal and external pressures
IoT & Automation Transport (Industry) Logistics (Industry)
Thousands of trucks clog South African border points and ports, causing shipping companies to levy congestion surcharges; fleet managers must enforce safety rules, develop comprehensive training programmes focusing on early warning systems and AI-powered technology

Integrated transportation security
Guardian Eye AI & Data Analytics Integrated Solutions Logistics (Industry)
HG Travel installs an AI-powered camera system integrated across 115 vehicles throughout a fleet comprising 160 vehicles of different sizes, along with predictive and self-monitoring tools to track tyre condition, fuel consumption and theft, and overall vehicle maintenance.

Simplify AARTO compliance for fleets
Guardian Eye IoT & Automation Asset Management Transport (Industry) Logistics (Industry)
While there are challenges around the management and implementation of the AARTO Amendment Act, there are also benefits that need to be understood today to ensure compliance and value tomorrow.

From damage management to false alarm prevention
Dallmeier Electronic Southern Africa Transport (Industry) Surveillance Logistics (Industry)
Video surveillance is undergoing an exciting evolution; today’s IP-based solutions can be fully integrated into digital systems. With the increasing integration of artificial intelligence (AI); logistics, in particular, can make processes more transparent and exploit previously untapped potential.

Protecting narrow areas in warehouse and logistics sites
OPTEX Facilities & Building Management Transport (Industry) Logistics (Industry)
Logistics facilities, warehouses and distribution centres are critical to the supply chain and any company’s business operation and assets. Any disruption can have enormous consequences, both functional and financial.

Logistics operators stand up to safety challenges
Logistics (Industry) Asset Management Transport (Industry)
The second annual Webfleet Road Safety Report for 2023 outlines common safety factors, challenges and solutions that South African transport operators face; deteriorating roads, poor vehicle maintenance, congestion and driver fatigue are common challenges.

Securing road transport across Africa
Technews Publishing Editor's Choice Asset Management Security Services & Risk Management Transport (Industry) Logistics (Industry)
SMART Security Solutions spoke to Filipe de Almeida, the Portugal & Spain Regional TAPA EMEA Lead, and Massimo Carelle, the TAPA EMEA Africa Region Lead, about securing transport and logistics in hostile environments.

Navigating cybersecurity in the African transport and logistics space
IoT & Automation Transport (Industry) Logistics (Industry)
The African transport and logistics sector is a rapid adopter of industrial automation, embracing technologies such as the Internet of Things (IoT) and operational technologies (OT) to enhance efficiency, but cybersecurity vulnerabilities demand attention.

Free South Africa Market Report webinar from TAPA EMEA
Technews Publishing Editor's Choice News & Events Transport (Industry) Training & Education Logistics (Industry)
October 2023 offers TAPA EMEA members and non-members opportunities to increase their knowledge of cargo crime and supply chain security risks in three countries in Europe, the Middle East & Africa region, where supply chains are most targeted by both organised crime groups and other offenders.

Telematics help protect SA trucks against expanding risks
Logistics (Industry) Asset Management
South Africa’s road freight transport sector currently accounts for about 85% of all goods transported in the country and is growing rapidly annually. “To ensure that goods are delivered safely, promptly, and affordably is a challenge,” says Justin Manson of Webfleet.