May 17, 2017

Massive Ransomware Attack Requires Supply Chain Risk Manager's Attention

Matt Mills & Barry Hochfelder

Last week’s Ransomware attack that impacted more than 300,000 computers in 150 countries, crippling industries in Europe, Asia and South America, should have caught the attention of supply chain risk managers.

Impact and Aftermath

The attack by the “WannaCry” malware, locked up data on affected company computers, in some cases, for days. The attack disrupted major Spanish telecommunications firm Telefonica, several United Kingdom hospitals, FedEx, Renault and its Japanese partner, Nissan. Both automakers announced production stoppages at several sites.

ransomware1.jpg

Per the company officials, Renault stopped production at several European sites on May 13. Although Renault did not provide a full list of affected sites, authorities confirmed that the production at its Sandouville, France, plant was stopped, according to Automotive News. By May 15, the sites were up and running, a Renault spokesperson said.

Nissan Motor Manufacturing (UK) Ltd. confirmed to Reuters that production at its Sunderland, UK, plant stopped, with other facilities across the manufacturing system also were affected, but back in operation after two days.

Unfortunately, some of the most impactful events rarely make major public headlines. Furthermore, even if an event is reported, rarely is the potential supply chain disruption spelled out in the press release.

Implications

It’s a good time for a reminder. The Centre of Strategic and International Studies (CSIS), estimates that cybercrime costs businesses $400 billion worldwide.

While this infection was quickly contained, cyber security experts are advising that other attacks could be imminent. The U.S. government, as well as governments around the world, are concerned and beginning to take action. “This is no hair-on-fire, irresponsible speculation,” Joel Brenner, former head of U.S. counterintelligence under the director of National Intelligence, and now a senior research fellow at MIT, told USA Today.

ipad.png

 

Ransomware can attack any industry, and given the interdependencies found in today’s manufacturing supply chains, an attack on a key supplier or country could bring all downstream partners to their knees for days. While today, manufacturing industries are about half as likely to be attacked as services industries, according to a survey by security companies Symantec and Datto, if profiteering is the motive, it is only a matter of time before the “bad guys” figure this out.

Action Plan

It’s a scary world out there and make no mistake, there is exposure. According to the web site, Business 2 Community, only 58 percent of U.S. mid-size companies train employees on cybersecurity.

ransomware3.jpg

And, though it is true that a successful attack on a single employee can infect an entire company, savvy risk managers can take action to minimize the risk in their supply chains:

  1. Know where your suppliers are located. A proactive understanding of your suppliers’ geographical network and the ability to pinpoint the specific impact a given site or company on downstream products and revenue is key to a rapid response when the next incident occurs, especially if a specific company or region is targeted.
  2. Know your suppliers’ upstream and downstream dependencies. Knowing your Tier 1 supplier isn’t enough, as an incident that shuts down the exchange of data on either the demand (orders) or supply (shipments) side can impair the entire supply chain.
  3. Ask your suppliers (and you suppliers’ suppliers) questions (sooner rather than later). A simple survey or assessment can highlight critical points of failure in your supply chain and allow customers to collaborate with suppliers to fix the problems. Some questions to ask:
  1. Do you have an internal policy and ensure that all employees are trained and familiar with it? How often are they trained? How do you assure and track compliance?
  2. What is your process for deploying updates to your operating systems and applications? How quickly after release of an update do you deploy it? How do you assure and track compliance?
  3. Do you have a data backup/disaster recovery system? How often do you back up data? How often do you test your system?
  4. Do you follow any policies or have any certifications for cybersecurity or IT best practices? Some common policies/certifications include SOC 2, NIST Special Publication 800-17, and ISO 27001.

 

Feel free to reach us at sales@resilinc.com , if you are considering a risk management solution or have more questions on what it means to implement one in your organization.

Want to learn how Resilinc can provide you the solutions to build a best-in-class supply chain resiliency program?

 

Download Resilinc's Ultimate Guide to Supply Chain Resiliency Program Success

 


 

Topics: supply chain visibility, supply chain resiliency, supply chain risk management, proactive risk mitigation, impact, ransomware, aftermath, implications, action plan