At a recent Black Hat conference, it was concluded that supply chain cyberattacks will increase exponentially during the coming years, creating national security threats and hundreds of billions of dollars in private sector losses.
The recent SolarWinds, Kaseya and Colonial Pipeline cyberattacks are examples of costly supply chain attacks where hackers exploit vulnerabilities and compromise internal networks and data. The hackers then demand a ransom be paid to restore the company’s systems and data. Damage caused by these attacks can be significant. The Colonial Pipeline attack took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast.
While some of these attacks are sophisticated, others are quite basic and most cyberattacks are preventable. The Colonial attack resulted from a single compromised password. Every business and every person relies on supply chains. Given the likelihood that we will see many more of these attacks, it’s imperative that companies (1) harden their technology; (2) carefully train their employees regarding cyber security procedures; (3) utilize predictive tools to prevent problems before they occur; (4) move critical path technology to non-cloud, firewall protected off-grid networks that can operate locally; and (5) obtain sufficient cybersecurity insurance coverage.