![]() CCLEANER MALWARE BREAKDOWQN UPDATEBut it can wreak far more havoc – if the target’s software is used not only by global container ports or hundreds of cargo companies, but also in many other industries.Īccording to the BoozAllenHamilton report, “the most obvious fear is that a supply chain attack will successfully compromise an update or a download server for a truly popular piece of software.” Piggybacking on antivirus toolsĪ 2017 incident involving the security software firm Avast shows just how this scenario can play out. It’s only logical, as the BoozAllenHamilton report points out, that attackers focus on the supply chain for maximum impact – with that many links, finding the weakest one requires more patience than sophistication.Ĭompromising a major tech company may not be as easy as breaching the network of a container port or the computers of a mom-and-pop freight forwarding firm. They are basically sitting ducks.” Weak links, high stakes “They don’t have the deep pockets to pay for cybersecurity. “Many are small companies,” she explains. In reality, says Natividad, even after NotPetya most shippers do not pay much attention to cybersecurity. So the industry heeded the wake-up call, no? “Shippers had containers at the port that they could not get to, because all the computers were down,” she remembers. “Like a huge wave,” says Natividad, this attack hit the container industry, its infrastructure, partners, and customers. Its effects went far beyond the IT realm. Katharina Natividad, an international logistics consultant based in San Francisco, experienced first-hand last year’s attack that crippled Maersk. In the cargo and shipping industry, these fences seem to be particularly low. ![]() Because companies rely increasingly on outsourcing for their day-to-day business, worries are growing that attacks via the supply chain will bypass the usual security fences. Get ready for more, and far worse, attacks against the supply chains of various industries in the future, warn IT risk analysts with consulting firm BoozAllenHamilton in their Foresights 2018 report. 4,000 servers and 45,000 PCs had to be wiped clean and reinstalled. Estimated damage: more than $250 million. Møller-Maersk, the world’s largest container shipping company suffered a much-publicized and similarly debilitating ransomware attack (of the “NotPetya” variety). In addition, a terminal affiliated with Cosco Shipping at the Port of Long Beach, CA (the country’s second-busiest container port) was hit by a ransomware attack.ĭoes this alarm from a global container shipping company sound familiar? If so, that’s because it should.Īlmost exactly a year before, Denmark-based A.P. offices and seven other countries for systems clean-up. The ocean freight carrier alerted its customers and business partners to a “local network breakdown” that subsequently caused the company to temporarily shut down the networks in its U.S. Maritime intelligence service Lloyd’s List reported that Chinese container shipping giant Cosco had been “targeted” in a ransomware attack. Crippling malware campaigns are threatening the movement and trade of raw materials, manufactured goods and perishables by air, land, and sea. Sophisticated cyber attacks are increasingly disrupting the “traditional”, material-world supply chain. The second example, from last week, serves as a reminder that much more than concert-goers’ credit card data is at stake. ![]() ![]() Using this indirect approach, the attackers were able to discreetly siphon off payment data and personal identifiable information (PII) of Ticketmaster users from February to June 2018. CCLEANER MALWARE BREAKDOWQN CODEThe incident highlights the vulnerability of the digital economy to exploits introduced into the software supply chain by SaaS vendors and developers.Ĭriminals compromised Ticketmaster’s web server by slipping a malicious JavaScript snippet into code which support chat service provider Inbenta Technologies provided on Ticketmaster’s payment page. The first example, from June, involved online box office Ticketmaster. Vendor vulnerabilities pose a growing threat not only to digital commerce but also to traditional sectors, such as the global shipping and logistics industry. ![]() Two recent incidents illustrate the broad spectrum and impact of web-borne third-party risks. Network breaches can – and with increasing frequency do – result in significant damages. Without functioning IT, most of these supply chains would break down. What do banks and airlines, law firms and software makers, shipping companies and concert ticket sellers all have in common? Their day-to-day business depends on tightly integrated networks of service providers and product vendors. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |