Nov 30, 2021

Supply Chain Safety & Security This Holiday Season


As the holiday season looms closer, cyber threats such as IP theft, data leaks and theft, denial-of-service, malware and ransomware are expected to increase as cybercriminals look to catch businesses at their most vulnerable. All of these can arrest supply chain operations and disrupt business, so it’s critical for organizations to remain vigilant and ensure they have security defences in place to protect their data and users.

The holiday period is typically when organizations let their guard down, precisely the window of opportunity that ruthless cybercriminals are hunting for. This is especially crucial when it comes to protecting critical infrastructure, industrial control systems (ICS), operational technology (OT), manufacturing floors and supply chains.

The evolving threat landscape.

The Internet of Things (IoT) is a network of millions of connected devices that communicate via the Internet. From IoT spawned the industrial IoT (IIoT), which deploys similar concepts and technologies to factories, logistical processes, manufacturing floors, supply chains and more. 

ICS environments use these sorts of devices and systems to control and operate critical infrastructure, such as electricity and gas supplies, nuclear power plants, oil refineries, and traffic management systems. These infrastructures are vital to producing essential goods and services as well as protecting human safety on an everyday basis, making them significant targets for cybercriminals. The OT components that operate these systems are also often connected to information technology (IT) networks, offering a path for cyber actors to pivot from IT to OT networks. Given the importance of critical infrastructure to national security, protecting it from unintended business consequences is vital. Securing IIoT and OT environments helps protect lives and ensure safety, defends against environmental disaster and significant monetary loss due to unavailability, and limits the impact on people’s lives and the economy.

Many companies in the Industry 4.0 era rely on machine-to-machine communication for processes like automation and use analytics, the cloud and machine learning to power new business models. Everyday use cases of this technology include innovative smart cities and smart power grids, carrying out predictive maintenance, smart manufacturing and robotics capabilities.

A more sophisticated threat.

Businesses need to secure these critical systems by preventing vulnerabilities, safeguarding against sophisticated threats and applying compensating controls as quickly as possible. However, many ICS networks continue to rely on legacy technology or hardware that isn’t compatible with modern security controls and access management systems. This leaves them more susceptible to malicious attempts to damage or disrupt their networks and systems.

As attack vectors become more sophisticated and threats like ransomware and insider threats increase, businesses need to strengthen their security defences. Failing to do so runs the risk of disrupting business operations, which could result in costly downtime and critical service failures.

What are the implications?

Successful attacks against critical infrastructure can have a devastating effect on businesses and public services. In December 2020 alone, more than 148 million records were breached in dozens of cyber-attacks, which took the number of stolen records in 2020 past 20 billion.

For example, an attack on People’s Energy saw personal details of the company’s entire database of 270,000 customers stolen.

One of the most high-profile attacks we’ve ever seen against critical infrastructure providers was a coordinated cyber-attack on the Ukrainian power distribution company Kyivoblenergo in 2015. It began with a phishing attack that granted the hackers access to the company’s computers; they then escalated privileges into the corporate network. As a result, 250,000 customers ended up losing power.

Another high-profile example was IT software provider SolarWinds, which suffered a supply chain attack against its Orion platform in 2020. An advanced persistent threat attack enabled hackers to launch stealthy malware into the company’s systems. The malware also infiltrated customer networks, including government agencies like the Department of Defense, the Department of Justice and the Department of Homeland Security.

More recently, an attack against IT solutions developer Kaseya saw hackers launch ransomware into its supply chain after exploiting a vulnerability in its software. Reports suggest the attack caused 800 Swedish supermarkets to close and that around 1,000 businesses saw servers and workstations encrypted.

A blueprint for critical systems security

How to secure critical systems

Businesses can protect their critical systems by preventing unauthorized access to their networks and by implementing defense-in-depth security controls for people, process and technology. They need to look to authentication and authorization tools that enable them to verify users and their devices every time they attempt to gain access to systems. Real-time monitoring of their critical infrastructure systems is equally crucial to detecting and preventing threats as they occur.

Protecting critical infrastructure relies on following a five-step security process:

  • Define your network: As organizations’ attack surface constantly evolves, it becomes increasingly difficult to protect. Therefore, it’s vital to start by defining the attack surface, be it the business’ most critical applications, data, or services.
  • Map your network traffic: Businesses need to map the flow of traffic that accesses their networks and document it to ensure complete visibility.
  • Architect your network: Security can be mapped to an organization’s needs, starting with a firewall that allows it to segment traffic or place a microperimeter around it. This is crucial to creating additional layers of access control and enabling deeper network inspection.
  • Create a security policy: A security policy is crucial for allowing access to the devices and people that should have it. This enables the business to define which users can access specific resources, where resources should be accessible from and additional enforcements to guarantee legitimate traffic.
  • Monitor and maintain your network: The final step is to ensure the network is continuously monitored and logged. This provides ongoing insight into network activity and enables businesses to prevent unauthorized users and devices that may pose a threat.
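The five steps above can be illustrated with a small default-deny audit; this is an added example, not code from the original post. The zone names, address ranges, policy entries and flow records are all constructed assumptions chosen to show an IT-to-OT pivot being flagged.

```python
import ipaddress

# Steps 1 and 3: constructed zones (segments); all addresses are made-up examples.
ZONES = {
    "it_office":  ipaddress.ip_network("10.10.0.0/16"),
    "ot_dmz":     ipaddress.ip_network("10.20.0.0/24"),
    "ot_control": ipaddress.ip_network("10.30.0.0/24"),
}

# Step 4: allow-list policy (source zone, destination zone, TCP port).
# Anything not listed is denied, including direct IT -> OT control traffic.
POLICY = {
    ("it_office", "ot_dmz", 443),    # engineers reach the jump host over HTTPS
    ("ot_dmz", "ot_control", 502),   # DMZ historian polls PLCs over Modbus/TCP
}

def zone_of(addr):
    """Return the zone containing addr, or 'unknown' if it is outside every segment."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "unknown"

def evaluate(flow):
    """Classify one flow record (src, dst, dport) against the policy, default-deny."""
    src, dst = zone_of(flow["src"]), zone_of(flow["dst"])
    if src == dst and src != "unknown":
        verdict = "intra-zone"       # not crossing a segment boundary
    elif (src, dst, flow["dport"]) in POLICY:
        verdict = "allowed"
    else:
        verdict = "violation"
    return {**flow, "src_zone": src, "dst_zone": dst, "verdict": verdict}

def audit(flows):
    """Step 5: return only the flows a monitor should alert on."""
    return [r for r in map(evaluate, flows) if r["verdict"] == "violation"]

# Step 2: constructed flow records standing in for a documented traffic map.
SAMPLE_FLOWS = [
    {"src": "10.10.4.7",  "dst": "10.20.0.5",  "dport": 443},
    {"src": "10.20.0.5",  "dst": "10.30.0.11", "dport": 502},
    {"src": "10.10.4.7",  "dst": "10.30.0.11", "dport": 502},   # IT host straight to a PLC
    {"src": "192.0.2.50", "dst": "10.20.0.5",  "dport": 3389},  # source outside all zones
]

if __name__ == "__main__":
    for hit in audit(SAMPLE_FLOWS):
        print(hit)
```
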

Secure your supply chain ahead of the holiday season

With the busy holiday season looming, it’s vital that you don’t let your guard down. Hackers won’t be taking time off to open presents or go to a holiday party, so make sure you have the security defences in place to prevent them from compromising your business while your attention is elsewhere, and to keep the supply chain safe and secure.
