Supply Chain: a $70 million ransomware attack

Security Awareness
18 April 2022
supply chain

Cyber attacks incidents on supply chains are unfortunately becoming very common. In recent years, these attacks have not only increased in number but have become more dangerous in terms of consequences. The interest of cyber crime in this type of attack is growing enormously. The most recent analysis shows an increase of 400% only in the past year.

Undoubtedly, supply chains can be considered a relevant and important part of the business operations of many organisations. However, the ability to provide certain services to a vast network provides hackers with many possible weaknesses to attack.

In recent years, large organisations have made significant investments to strengthen their IT security. This has forced many hackers to look for more creative ways to hit their targets. The supply chain has therefore become an interesting opportunity to breach all organisations that use it, regardless of their size.

The latest scams have shown that it takes just one to a single application of a ‘leading’ supplier to cause enormous damage throughout the supply chain.

Supply chain: $70 million is the latest ransom demanded

A few days ago, the latest REvil ransomware attack hit the US-based Kaseya, a leading provider of IT support to hundreds of companies worldwide, including the Coop supermarket chain in Sweden. Its software is mostly used by remote monitoring and management service providers, who use it to offer the same service to other companies.

By targeting the IT systems of the company Kaseya, hackers from the Russian group REvil were able to shut down the systems of various retailers, as well as those of hundreds of the customers like Coop who used the software.

The ransomware blocked the computer systems, encrypting data in the management systems and thus paralysing all activities. Coop Sweden itself was forced to close hundreds of its supermarkets.

It is now clear that cyber crime continues to evolve its attack strategies. This latest ransomware attack is proof of that. Supply chains have become extremely desirable prey because they can open doors to reach many customers and increase possible profits.

What can be done to prevent this type of attack?

Assess supply chain security policies

Check all security practices, not only those of a technological nature, implemented by service providers. This will allow you to highlight any potential supply chain risks and understand what controls and processes you need to implement to respond quickly and effectively to a breach.

Identify areas for improvement

Hackers are becoming more creative in their attempts to compromise supply chains, but a large number of incidents are still due to credential theft or exploitation of software vulnerabilities. By improving the digital knowledge of the entire organisation with Cyber Security Awareness training, all risks related to inappropriate human behaviour can be mitigated.

Effective Cyber Security Awareness training programmes

Clearly the human factor is still the decisive element in the defence of any organisation. Investing in an effective Cyber Security Awareness training programme must therefore involve all stakeholders. In order to recognise threats and react quickly in the event of an attack, every organisation must involve all staff in training programmes that follow effective methodologies. Programmes that provide all the necessary elements to create a solid defensive barrier.


Articoli correlati

Digital Operational Resilience Act (DORA)

Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act (DORA) is a EU regulation that entered into force on 16 January 2023 and will apply as of 17 January 2025. It aims at strengthening the IT security of financial entities such as banks, insurance companies and investment firms and...

read more