Tag Archives: cyber attack supply chain

Supply Chain Cyber Attacks On The Up

Software supply chain cyber attacks look set to be one of the biggest cyber threats facing organisations in the coming years. This week, the US intelligence community issued a new warning regarding future attacks…

Varlamova Lydmila / Shutterstock

The US intelligence community has issued a new warning on cyber attack risks.

The Foreign Economic Espionage Report, which was published by the US’s National Counterintelligence and Security Center (NCSC), warns that China, Russia and Iran are most likely to be behind future attacks.

“Software supply chain infiltration is one of the key threats that corporations need to pay attention to, particularly how software vulnerabilities are exploited,” William Evanina, the NCSC’s director and the US’s top counter-intelligence official, told the BBC.

“To get around increasingly hardened corporate perimeters, cyber-actors are targeting supply chains.

“The impacts to proprietary data, trade secrets, and national security are profound.”

The report details that despite the opportunities that technologies including AI and the IoT offer, they will also introduce vulnerabilities to U.S. networks – for which the cybersecurity community is not prepared.

The severe impact of cyber attacks was in evidence in June last year following the NotPetya attacks, ,  which cost nearly a billion dollars in collective damages. The White House called out Russia following these attacks issuing the following statement – “In June 2017, the Russian military launched the most destructive and costly cyberattack in history. This was also a reckless and indiscriminate cyberattack that will be met with international consequences.”

Experts believed that Russian hackers launched 2,000 “NotPetya” attacks in the early hours of June 27.  NotPetya was designed to masquerade as ransomware, but was soon revealed to be wiper malware with the purpose of destroying computer systems, erasing data and disrupting business operations.

Cyber attacks on the rise

One of the consequences and subsequent risks of living in a hyper-connected world is an increased vulnerability to indiscriminate cyberattacks.

According to Chain Store Age, “nearly 80 per cent of IT security professionals across the United States, Canada, UK, Mexico, Australia, Germany, Japan, and Singapore believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years. Yet, few organisations are prepared to mitigate the risks.”

Whilst many organisations have response strategies in place to deal with cyber attacks, they are not necessarly holding external suppliers to the same security standards.

Tesla Asks Suppliers for Cash Back

  • Tesla sent a memo to some of its suppliers, asking to return cash to the automaker, The Wall Street Journal reported. Tesla did not respond to Supply Chain Dive’s request to confirm the memo
  • The automaker told the Journal it is looking for price reductions from some of its suppliers to improve competitive advantage.
  • Since the beginning of the year, “we’ve seen a huge run up” in the amount of money due to suppliers, Bill Danner, president of CreditRiskMonitor, a financial risk analysis and news service, told Supply Chain Dive. The figure, however, isn’t unexpected as Tesla ramps up production of the Model 3
  • At the end of the first quarter of 2018, Elon Musk assured Tesla shareholders he’s feeling “quite confident” the auto company will have positive cash flow in the third and fourth quarters of the year

Read more on Supply Chain Dive

‘Change public procurement rules in response to heatwaves’

  • In a report on heatwaves, the Environmental Audit Committee (EAC) said “extreme temperature events” in Europe were now 10 times more likely than in the early 2000s
  • “The government should make businesses aware of the developing threat of heatwaves and the economic consequences,” said the report
  • “Procurement rules should be updated so that schools and the NHS do not spend public money on infrastructure which is not resilient to heatwaves
  • “Research on the economic consequences of heatwaves concluded that there was a more significant cost to the economy than benefit,” said the report

Read more on Supply Management 

Record-breaking Prime Day’s aftermath

  • Now in its fourth year, Amazon Prime Day has grown into a major shopping event that not only drives online sales but creates ripple effects throughout the entire retail industry
  • But suppliers and retailers must prepare for a surge in consumers returning goods — or risk products turning in to “dead money”
  • Amazon recently announced it had sold more than 100 million products on Prime Day 2018, making it the biggest on record since it started the event in 2015
  • But now in the middle of its 30-day return period from Prime Day, Amazon and several retailers are likely fielding the return of hundreds of thousands or even millions of products

Read more on Supply Chain Dive

US Intel Chiefs Urge Business Cooperation On Cybersecurity

But what are the trade-offs in terms of privacy and civil liberties? Highlights from General Keith Alexander and John Brennan keynote at #ISM2018.

During the American Revolutionary war, military commanders of the 13 Colonies realised that the conflict could not be won with soldiers alone. Civilians left their towns and farms to swell the ranks to a level where the British could be pushed back and eventually overcome.

Retired four-star general Keith Alexander (former Director of the National Security Agency) tells delegates at #ISM2018 that just as civilians fought alongside soldiers 240 years ago, there’s currently an urgent need for a public and private partnership to defend against cybersecurity breaches. In other words, business and government need to cooperate if the US is to have any chance of defending against offshore cyberattacks and resultant IP theft.

Calling for a partnership

“I think our approach to cybersecurity has to be changed,” says Alexander. “We need a new strategy.” Companies that suffer data breaches tend to fall into two camps – those that have been attacked and know it, and companies that have been attacked and don’t know it. Alexander says that in an environment where “everybody’s getting hacked,” industry has a responsibility up to a certain level.

The issue is that intelligence agencies (such as the NSA) can’t see what’s in the packets of information that pass through cyberspace at light-speed until after the fact, which means they are relegated to reactive incident response. The solution is for companies to help build a common picture by sharing information so the government can then defend effectively. Alexander gives the example of the energy sector, where 18 companies are working together to share information at network speed.

Alexander also raises the issue of companies that have been attacked being treated as a guilty party, with some organisations getting sued after a cyberattack. “If you want industry to work with government and share what’s hitting them, you’ll have to give them liability protection. We also need to incentivise it so it’s cost-neutral to build up your cyber defence.”

Former Director of the CIA, John Brennan, comments that as difficult as counter-terrorism was, dealing with cybersecurity was even more challenging. “The digital domain is 85% operated by the private sector, and there’s currently no consensus on the government’s role in that environment,” he says. The nature of globalisation means it’s not always easy for a security agency to figure out what’s an American company. “The ecosystem is so interconnected,” says Brennan. “You’re not going to stop globalisation, but you need to [respond to it] in a way that protects government and business interests.”

Privacy trade-offs?

Panel facilitator and ISM CEO Tom Derry raised the question of how you can protect privacy and civil liberties while acting to defend against cyberattacks. According to Alexander, you can do both. “If we’re completely transparent in what we share and ensure everybody agrees to it, we can build a picture that defends our nation.” The consolidation that is taking place as businesses increasingly move into the cloud (usually via a managed service) will help in a cybersecurity sense. “It’s going to come down to consolidation,” says Alexander. “The cloud is going to be the future, collective security in the cloud will be so much better, and you’ll be assured that both your data and your privacy are protected.”

Brennan was less reassuring when it comes to privacy trade-offs. “Lots of privacy and civil liberties have been given up already. People would be shocked about how much of their information is being shared online. We need greater transparency and obligations, and need to be aware of the risks and opportunities. You can’t secure your data the same way you can secure a building.”

What can be done?

Most companies, says Alexander, have a firewall and other measures in place to defend against cyberattacks, but he gives the example of a company with 2,500 people and 5,000 systems that was discovered to have 400,000 unpatched vulnerabilities. “Most companies only try to patch the critical ones.”

Alexander and Brennan list the following solutions:

  • An unprecedented level of partnership and information-sharing between government and business.
  • Behavioural analytics, where a system-user’s behaviour raises red flags if it changes dramatically.
  • Freezing or isolating systems when malware signatures are detected.
  • Better hiring practices, training, procedure and policies to protect against the human element (e.g. Edward Snowden’s data theft).
  • Machine learning and AI systems to cope with the sheer size of the challenge.
  • Be clear on policy: what constitutes an act of war in cyberspace?

In other news from #ISM2018:

ISM Appoints First Chief Product Officer

Susan Marty to Lead Member Engagement, Market Development and Growth Initiatives for ISM.

In its mission to reflect the voices of everyone in the supply management community, ISM has appointed Susan Marty as it first Chief Product Officer. Ms. Marty will focus on member engagement, market development and growth for ISM, the leading not-for-profit, independent, unbiased resource for everyone in supply management.

“As Chief Product Officer, I am strongly committed to meeting the current and future needs of all ISM members and constituents in a timely and meaningful way. We will continue ensuring that all our offerings–from education and events, to discussions and publications–enable members to advance professionally while making their organizations stronger and better,” said Ms. Marty.

“Susan Marty is an exceptional leader with a talent for building strong customer, partner and industry relationships, and innovating in response to market shifts. At a time of rapid transformation for supply management, she will help ISM remain vital to our entire industry,” said Tom Derry, CEO of ISM.

In addition to her focus on ISM’s educational offerings, Ms. Marty will concentrate on making ISM a source for compelling, customer-driven content, including research, thought-provoking conversations with subject-matter experts, and issue-oriented articles.

She will also lead efforts to bring supply management leaders and practitioners together with technology providers, analysts, and other members of the broader professional community. Whether online or via social media, she will focus on maximizing opportunities for the profession to access all ISM has to offer.

“We are thrilled to have Susan Marty join the ISM team. She is a high-caliber talent with a wealth of experience to help us deliver superior products that are valued by our customers,” said Debbie Fogel-Monnissen, Chief Financial Officer, ISM.

“Susan Marty is exactly the kind of product leader that ISM needs to fulfill the strategy of increasing engagement with the supply management professional. Her background in creating value offerings and communicating them clearly and through multiple channels will help today’s supply management professional leverage ISM’s vast resources,” said Jim Barnes, Managing Director for ISM.

Ms. Marty comes to ISM after serving as Vice President Marketing, Product Management and Sales at WorldatWork. She previously held senior roles at Inter-Tel (now Mitel), Voice Access Technologies, OmniSky and AT&T Wireless (now AT&T Mobility).

UK Accuses Russia Of Massive Cyberattack on Global Supply Chains

Maersk, TNT and other global companies that suffered nearly a billion dollars in collective damages were not the intended targets of a Russia-launched cyberattack. How, then, were they infected?   

wk1003mike/Shutterstock.com

“The UK government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyberattack. Its reckless release disrupted organisations across Europe costing hundreds of millions of pounds. “We call upon Russia to be the responsible member of the international community it claims to be, rather then secretly trying to undermine it.”

This statement was part of the UK Government’s unusual step last week of publicly accusing the Russian military of being behind a cyberattack. The White House also called out Russia, issuing the following statement: “In June 2017, the Russian military launched the most destructive and costly cyberattack in history. This was also a reckless and indiscriminate cyberattack that will be met with international consequences.”

Experts believe that Russian hackers launched 2,000 “NotPetya” attacks in the early hours of June 27 last year. NotPetya was designed to masquerade as ransomware, but was soon revealed to be wiper malware with the purpose of destroying computer systems, erasing data and disrupting business operations.

Global firms were collateral damage

One of the consequences of living in a connected world is increased vulnerability to indiscriminate cyberattacks, even for organisations that are not the hackers’ intended victims.

NotPetya’s primary target was a shipping company in Ukraine, which has been locked in conflict with Russian-backed separatists since 2014. However, the virus-like nature of the cyberattack meant that businesses with strong trade links with Ukraine, including parts of FedEx, Danish shipping giant Maersk, UK manufacturer Reckit Benckister, and Dutch delivery firm TNT were also affected. Pharmaceutical firm Merck & Co and FedEx reported permanent damage to the systems, while a West Virginia health system had to replace its entire network after being attacked.

Russian officials have responded that the claims are “groundless” and that Russian businesses were among those whose systems were affected.

Read more: Wall Street Journal

 

In other news this week:

Unilever Publishes Palm Oil Supplier Data

  • In a move to boost transparency, consumer goods giant Unilever has published the location of over 1,400 mills and over 300 direct suppliers of palm oil.
  • The palm oil industry is under increasing pressure from consumers after revelations of deforestation and human rights abuses in Indonesia and other countries.
  • A spokesperson from Unilever said the company hoped that sharing the information would be the start of a new industry-wide movement towards supply chain transparency.

Read more: The Straits Times

 

Tennessee Truck Dealership Selling Dirty Engines

  • A loophole in emissions control laws has enabled a truck dealership to sell Peterbilt and Freightliner trucks with rebuilt diesel engines that spew 40 to 55 times the air pollution of other trucks.
  • The New York Times reports that the loophole is being “championed” by Environmental Protection Agency administrator Scott Pruitt after the Obama administration failed to close it.
  • The trucks are known as “gliders” because they are manufactured without engines and are later retrofitted with the rebuilt, 1990s-era engines recovered from salvage yards.

Read more: New York Times

 

CIPS Announces New Group CEO

  • The Chartered Institute of Procurement & Supply (CIPS) last week announced the appointment of Malcolm Harrison (FCIPS) as Group CEO.
  • Currently Chief Executive Officer of the Crown Commercial Service at The Cabinet Office, Harrison will take over the post from the current interim CEO, Gerry Walsh, in July 2018.
  • The announcement comes nearly one full year after the sudden passing of former CEO David Noble in February 2017.

Read more: https://www.cips.org/en-cn/news/news/cips-announces-group-ceo-appointment/

Yahoo Breaks Record – For The Biggest Hack in History

The biggest hack in history – it’s certainly not an award to be envious about. But Yahoo broke the record after announcing a major breach from 2013.

It’s been a bad week for embattled internet giant, Yahoo, as the company announced details of a huge cyber security breach from 2013. The hack impacted over one billion accounts, twice as big as the previous largest breach.

Yahoo was also the victim of the previous hack ‘record’, which it announced in September. It means that user data from over 1.5 billion accounts has been stolen from the company between 2013 and 2014.

Both the FBI and the New York Attorney General are investigating the hack. However, the company is likely to suffer as trust in its security and systems falls.

Hack Included US Officials

The first, and largest, of the hacks occurred in August 2013. Yahoo have said that data such as usernames, passwords, phone numbers and security questions were all stolen. The company is taking steps to contact users affected by the hack, asking them to change passwords and security questions.

It’s an embarrassing turns of events for Yahoo, who are already struggling to keep pace in the tech industry. It’s the second hack the company have announced this year. To further their embarrassment, it has come to light that 150,000 of the affected accounts belonged to US Government Officials.

According to a Bloomberg report, the data stolen from the officials in the hack could be a threat to national security. Data could allow cyber criminals to identify officials, target them, and further hack personal and professional accounts.

Organisations affected included:

  • Current and former White House staff;
  • FBI agents;
  • US Congressmen and their aides;
  • Officials at the NSA and CIA;
  • Current and former US diplomats; and
  • Every branch of the US Armed Forces.

Trouble on the Verizon?

The two breaches, and the high-profile nature of the accounts included, come at a bad time for Yahoo. In recent months CEO Marissa Meyer has come under increasing criticism for how the company is performing.

The hacks may also have a major impact on the deal Yahoo currently has to sell its core internet assets to Verizon. The deal, currently estimated to be worth $4.8 billion, has still to be finalised. And while it’s likely to still go ahead, Verizon have already said it will be looking for a lower price.

In October, when the first hack was announced, Verizon stated that it was “reviewing the deal“. It’s unlikely that a second breach will assist Yahoo’s negotiation position much either. With shares prices falling 6.5 per cent in Thursday trading last week, the deal valuation is likely to be put back on the table.

However, some experts believe that the deal will still be closed at its original price. The impact of the breaches will not be seen for some time, and certainly not in a way that would show any monetary damage. But at a time when a smooth deal was top of the priority list, Yahoo will need to work very hard to recover consumer confidence.

What Should I Do?

While you will be contacted by Yahoo if you are impacted by the hack, we’ve pulled together some things you can do in the mean time.

  • Log into your e-mail account and change your password

Make it a brand new password, with upper and lower cases, special characters and numbers. No dates of birth!

  • Check accounts the e-mail is linked to

Like most people, you’ll use your e-mail to log into other online accounts. Check all these accounts to make sure there’s no unusual activity. Change your passwords.

Once you’ve done this, check for any password reset requests that you haven’t asked for in your e-mail. Report anything suspicious to the site in question.

  • Check Sent Mail for Spam

Your account might have been used for sending spam mails to your contact list. Do a quick check of your sent mail for this.

  • Two Factor Identification

In light of the increasing number of hacks, sites have begun to introduce two factor identification. This works alongside your password as part of the logging in process. Register for it where you can.

You’re never going to be 100 per cent safe from a hack. But by using strong passwords (different ones for different sites), you can help to minimise the impact and possibility.

While we frantically try to remember all our passwords, we’ve looked out some of the top headlines for this week…

Trump Holds Silicon Valley Tech Summit

  • Silicon Valley tech heavyweights sat down with President-elect Donald Trump for two hours last week.
  • The leaders including Apple’s Tim Cook, Facebook’s Sheryl Sandberg and Amazon’s Jeff Bezos.
  • Topics discussed included vocational education, trade with China, and the need for data analysis technology to detect and reduce government waste.
  • The tech industry and Trump were frequently at loggerheads during the election. Trump also singled out a number of them for criticism on non-US supply chains.

Read more at the New York Times

Amazon in Drone Delivery First

  • Amazon made history last week with its first delivery by a fully-autonomous flying drone.
  • The delivery, containing a TV remote control and a bag of popcorn, was made to a customer in Cambridge, U.K.
  • The delivery took 13 minutes from Amazon’s local warehouse to the customer’s home. Amazon intends to extend the trial to hundreds of users.
  • Packages must weigh five pounds or less and can only be delivered during the day and in clear weather.

Read more at the Wall Street Journal and watch the video here 

Mexican Government Deploys Troops for Shipment Protection

  • As many as 1000 troops have been deployed along rail lines in Mexico to protect automotive cargo from thieves.
  • Thieves have been boarding trains to steal tyres, batteries and other automotive parts.
  • Mazda and General Motors are among the companies that have been impacted by the thefts.
  • American Honda has also been affected, and takes the damage into account when deciding between rail and sea-borne deliveries.

Read more at Automotive Logistics

UK Falling Behind on Timber Requirements

  • The UK faces a future timber shortage thanks to delays in planting of forests.
  • In order to meet Government requirements of 10-12 per cent increase in woodland areas in England, 11 million tree need to be planted between now and 2020.
  • However, the Chief Executive of Confor has highlighted serious delays due to inefficiencies in the grant system for planting.
  • The highly bureaucratic process means it can take up to three years before permission is granted to plant trees on a large scale.

Read more at Supply Management

US Intelligence to Aid Supply Chains Against Cyber Attacks

A new US Intelligence campaign is set to help supply chains defend themselves against cyber attacks.

supimol kumying/Shutterstock.com

As businesses and supply chains grow increasingly more global, inevitably risk increases at the same rate. One of the most high profile risks for supply chains currently is are cyber attacks and hacking.

With each passing year, the cyber attacks get bigger. In June, the Democratic National Committee was breached by Russian hackers, and 20,000 e-mails, linked to Hillary Clinton’s Presidential campaign, were posted online.

In March, the Bangladesh Federal Reserve lost $100 million to hackers, with only $20 million recovered so far. Over 4,700 cyber attacks have been reported in the US alone since 2005, impacting hundreds of millions of people.

However, organisations with cross-border supply chains are about to get a helping hand in the fight against cyber attacks.

Cyber Attacks & Vulnerable Supply Chains

The National Counterintelligence and Security Centre will provide sensitive information, including classified threat reports, to companies about the risks of hacking in their supply chains.

The move is part of an effort to increase responsibility and education for organisations for supply chain security. It has previously been highlighted that there is a lack of understanding in US companies that having international suppliers makes supply chains vulnerable to cyber attacks.

“The supply chain threat is one that’s the least talked about but is the easiest to manipulate for all aspects of our daily lives,” said NCSC Director, William Evanina.

Domestic & Foreign Threats

The NCSC campaign will initially focus on supply chains linked to both China and Russia, the alleged sources of previous hacks. However, it will also be aimed at domestic hackers, criminal enterprises, and even disaffected former employees.

The campaign will prioritise telecommunications, energy and financial services corporations first. This is in part due to the nature of the business, but also their strategic importance to US national security.

And as well as cyber attacks, the NSCS will also be providing information and advice on so-called “hands on” crimes, such as stealing of classified information, or destruction of sensitive equipment.

Procurement Must “Play Full Part”

As part of the efforts to reduce cyber attacks, the key role of procurement has been highlighted. Evanina emphasised that procurement need to be fully integrated with other areas of the organisation to help mitigate risk.

He highlighted the role of ongoing due diligence to support initial investment in cyber security software and programmes. This would be carried out by procurement, but in partnership with the other areas of the business.

Evanina expands on the role of procurement in this video. He states that research into suppliers, and their own supply chains is critical in mitigating the risk.

Wider World

Although the work to be carried out as part of the campaign is primarily aimed at US companies, the applicability is there for all global supply chains.

Many US-based companies will purchase goods from overseas suppliers, and at the same time there will be companies purchasing from US suppliers. The inter-connected nature of the supply chain, as well as increased connectivity across technological platforms, increases the risk to organisations.

Carrying out due diligence on suppliers, knowing the full supply chain, and, perhaps most importantly, ensuring procurement plays a full part in organisational security, is a way to help mitigate this risk.

Will your organisation be taking advantage of the advice from the NCSC? Will you be impacted by any changes that take place? Let us know in the comments below.

Want to know what’s happening in the world of procurement and supply chain? Well, we’ve picked out the key headlines from the past week to keep you up to date…

Verisk Maplecroft Releases Modern Slavery Index
  • Global Risk Analysts, Verisk Maplecroft, have released their latest supply chain modern slavery index.
  • According to the Index, modern slavery constitutes a ‘high’ or ‘extreme risk’ in 115 countries worldwide.
  • Major exporters China and India fall again into the extreme risk category. The UK is one of only four countries seen as ‘low risk’
  • The report notes that most countries have some form of anti-slavery legislation or framework in place, but lack the resources to enforce these laws.

Read more at Forbes

African Countries Ban Secondhand Clothing Imports
  • A ban on imports of secondhand clothing is to be implemented by the Governments of the East African Community.
  • The group, including Kenya, Tanzania, and Uganda, proposed the ban in order to stimulate the apparel industry in their countries.
  • It is hoped that the measure will also create jobs and bolster the countries’ economies.
  • The rise of ‘fast fashion’ has led to a dramatic increase in the region’s secondhand clothing imports over the past decade.

Read more at Sustainable Brands

Scotland Launches Brexit Stimulus Fund
  • The Scottish Government has announced plans to create a stimulus fund following the UK’s decision to leave the EU.
  • The fund will add an additional £100 million to capital spending to support Scottish businesses.
  • Funds will be allocated to projects based on jobs creation and impact on the overall supply chain.
  • The Government also announced the creation of Business Information Service to support businesses affected by vote.

Read more at Supply Management

Shipping Industry Struggles Continue
  • As the results for the first half of 2016 are released, the struggles in the shipping industry look set to continue.
  • Hapag-Lloyd and Orient Overseas have both reported first half losses for 2016, with Maersk expected to do likewise this week.
  • Decreasing freight rates and over capacity have been blamed for the current plight in the industry.
  • Hapag-Lloyd plans on acquiring United Arab Shopping Co., a deal that could deliver $400 million in savings annually.

Read more at the Wall Street Journal

Is shipping & the supply chain the ‘next playground for hackers’?

The International Maritime Bureau (IMB) is warning the maritime sector to be extra vigilant in light of increasing attacks from cyber criminals.

For a bureau that has traditionally focussed its efforts on fighting piracy and armed robbery at sea, this new digital threat puts an entirely different menace in its crosshairs.

The IMB has been quoted as saying, “Recent events have shown that systems managing the movement of goods need to be strengthened against the threat of cyber-attacks.

“It is vital that lessons learnt from other industrial sectors are applied quickly to close down cyber vulnerabilities in shipping and the supply chain.”

This is cause for concern for the maritime industry especially as ships, containers and rigs are all connected to computer networks. If hackers find but one weakness, it can expose the entire network and make it open to exploitation on a grand scale.

Various cyber security experts have sounded off on this very subject during the past few months, and the media has been quick to pick up on it.  Reuters reported that a floating oil rig was compromised by hackers who tilted it onto its side.  The rig was out of action for an entire 19 days while harmful malware was removed from computer systems.

In Antwerp hackers gained access to port-side computers that enabled them to target specific containers, before making off with the booty and wiping away any telltale digital fingerprints.

The latest warning from the IMB quotes Mike Yarwood – TT Club’s insurance claims expert, speaking at the TOC Container Supply Chain Europe Conference in London. “We see incidents which at first appear to be a petty break-in at office facilities. The damage appears minimal – nothing is physically removed.”

Mike continues: “More thorough post incident investigations however reveal that the ‘thieves’ were actually installing spyware within the operator’s IT network.”

In scenarios similar to the incident in Antwerp, hackers tend to track individual containers through the supply chain to its destination port. Along the way the IT systems related to the cargo are infiltrated, resulting in the hackers either gaining entry to (or generating release codes for) specific containers.

The International Maritime Bureau is a specialized department of the International Chamber of Commerce.