Thrive UK
New Cybersecurity Crisis: High-Stakes Supply Chain Breaches
In a stunning turn of events, major British corporations like British Airways, the BBC, and Boots are reeling from a relentless wave of supply chain breaches that have sent shockwaves through the cybersecurity landscape. These audacious backdoor hacks have plunged these esteemed institutions into turmoil, leaving a trail of destruction in their wake. Over 100,000 employees’ confidential information, from bank details to personal contact information, is now in the hands of malicious actors. This blog unravels the chilling impact of these recent cyberattacks and sets out essential strategies to safeguard your business from becoming the next target.
Urgent Alert: Supply Chain Vulnerabilities Threaten UK Businesses, Especially SMEs
Vulnerabilities through the supply chain are an emerging threat, and the UK government is just starting to warn businesses about it. The risks affect SMEs who depend on their relationships with big businesses to secure ongoing contracts, so they must be educated on hackers’ behaviours. Not only do they need to protect their own businesses, but they also must appreciate that they might inadvertently open a ‘back door’ to their customers’ systems. Becoming embroiled in one of these hacks would threaten their reputation and ongoing business.
SMEs need to consider cyber threats in AND outside their immediate businesses, and CISOs need to consider possible hidden weaknesses in their systems, suppliers and third-party software.
The Latest Perpetrators
The latest UK attacks are attributed to a Russian hacking group well-known in the intelligence and cybersecurity spheres as ‘Clop.’ Clop is notorious for seeking out large organisations (from regional governments to children’s hospitals) and encrypting their files – demanding a ransom payment in cryptocurrencies like Bitcoin for the decryption keys.
This time, they targeted a common file transfer application called MOVEit. The hackers pinpointed a ‘zero-day vulnerability’, a weak link in its code, and used it to access servers containing employees’ personal and financial details. Clop gathered the data, encrypted it, and threatened to publish it on the Dark Web, exposing victims to many dangers. Due to MOVEit’s astronomical user base, at least 60 million people could have been affected by this breach, although the number is possibly much higher. Naturally, the consequences for the victims have been dire, putting them at risk of identity theft and potential legal disputes.
This breach has wholly eroded trust among users, partners, and stakeholders of MOVEit and opened up significant legal repercussions for the software company’s failure to adhere to GDPR. And this is not the only supply chain disaster this year.
Just a few months earlier, a complete suspension of Royal Mail international postal deliveries was caused by a similar Russian ransomware attack. The attack group, known as LockBit, infected custom-label printers for overseas parcels, causing them to print out ransom notes, an infamous LockBit tactic.
The attack’s aftermath was devastating, with over half a million parcels and letters stranded in limbo due to the halted international postal deliveries. LockBit’s demand for cryptocurrency payments ensured the transactions were virtually untraceable, making it challenging for law enforcement agencies to identify the perpetrators or recover the extorted funds. They also made clear in the ransom note that either the ransom was paid or the stolen data would be published on the Dark Web for all to see. The public exposure of the attack and potential data leaks have now harmed the Royal Mail’s reputation, eroded trust among customers and partners, and caused substantial financial loss due to delayed deliveries.
The Widespread Impact of a Supply Chain Attack
Due to their far-reaching implications, supply chain hacks represent a grave and unique threat in the digital age. Unlike most cyberattacks targeting a single entity, supply chain breaches infiltrate interconnected networks, affecting numerous organisations simultaneously. Hackers exploit trusted relationships, compromising multiple points within the supply chain, leading to widespread data theft, financial loss and logistical disruptions.
These attacks can paralyse entire industries, impacting consumers, businesses and critical infrastructure. In addition, the complexity of modern supply chains amplifies the challenge of detecting and mitigating breaches quickly. This interconnected hacking style makes attacks more severe, and so particularly destructive and difficult to combat.
Considering these recent devastating hacks, it’s important to follow advice from NCSC and trusted partners to make sure your company is not in the firing line for the next barrage of supply chain attacks. Even the most minor attempted attack incurring no financial loss can hugely impact client trust. That being said, according to NCSC research, only around 10% of businesses vet the risks posed by their immediate (13%) and broader suppliers (7%), and considering the risk posed, this should change.
How to Identify an Attack
The first step after a course of prevention is, of course, recognising a supply chain attack. One key indicator is unexpected disruptions in the supply chain, such as delayed deliveries, sudden changes in supplier behaviour, or unexplained differences in product quality. Unusual requests for sensitive information, especially from trusted suppliers, should raise immediate suspicion. Monitoring financial statements for anomalies can also reveal unauthorised access or fraudulent activities within the supply network. By staying alert to these signs and investigating any inconsistencies, businesses can take swift and decisive action to mitigate potential threats, safeguard their operations, and maintain the trust of their customers and partners.
How to Protect Against Attack
A surefire way to improve your business’s chances of survival against a supply chain attack is getting a Cyber Essentials certification, a government-backed scheme protecting businesses in five core ways. This is essential for SMEs aiming to supply to government departments and larger organisations in the HMG supply chain. This certification process covers secure configuration, malware protection, network firewalls, user access controls and security update management. Applying these five changes can reduce your business’s online risk by 95% and give you the essential knowledge to speak with your suppliers about the security protocols they do (or don’t!) have in place.
How to Vet Your Suppliers
Enterprises should conduct thorough due diligence when selecting suppliers and partners to have the best chance at protection. Evaluating their cybersecurity policies, practices, and track records can help identify future vulnerabilities in the supply chain. Regularly reassessing vendor security measures is critical, ensuring they address all new emerging threats. Encrypting data throughout the supply chain also adds a layer of protection. Scrambled data is significantly more challenging for hackers to exploit, reducing the risk of unauthorised access and data breaches. In addition to these options, enforcing supplier security standards can substantially enhance supply chain security. Requiring them to comply with cybersecurity frameworks such as the NIST Cybersecurity Framework or ISO 27001 can establish a baseline for security expectations and keep you safer in the long run.
If you’re at all concerned by the risk of a supply chain attack, come and talk to us. Thrive is highly experienced in supporting small to medium-sized businesses in countering the latest threats. We can work with you to ensure that your employees and business protocols are as resistant as possible to these emerging risks.
Contact Thrive today to discuss how we can help protect your business.