Software supply chain cyber attacks look set to be one of the biggest cyber threats facing organisations in the coming years. This week, the US intelligence community issued a new warning regarding future attacks…
The US intelligence community has issued a new warning on cyber attack risks.
The Foreign Economic Espionage Report, which was published by the US’s National Counterintelligence and Security Center (NCSC), warns that China, Russia and Iran are most likely to be behind future attacks.
“Software supply chain infiltration is one of the key threats that corporations need to pay attention to, particularly how software vulnerabilities are exploited,” William Evanina, the NCSC’s director and the US’s top counter-intelligence official, told the BBC.
“To get around increasingly hardened corporate perimeters, cyber-actors are targeting supply chains.
“The impacts to proprietary data, trade secrets, and national security are profound.”
The report details that despite the opportunities that technologies including AI and the IoT offer, they will also introduce vulnerabilities to U.S. networks – for which the cybersecurity community is not prepared.
The severe impact of cyber attacks was in evidence in June last year following the NotPetya attacks, , which cost nearly a billion dollars in collective damages. The White House called out Russia following these attacks issuing the following statement – “In June 2017, the Russian military launched the most destructive and costly cyberattack in history. This was also a reckless and indiscriminate cyberattack that will be met with international consequences.”
Experts believed that Russian hackers launched 2,000 “NotPetya” attacks in the early hours of June 27. NotPetya was designed to masquerade as ransomware, but was soon revealed to be wiper malware with the purpose of destroying computer systems, erasing data and disrupting business operations.
Cyber attacks on the rise
One of the consequences and subsequent risks of living in a hyper-connected world is an increased vulnerability to indiscriminate cyberattacks.
According to Chain Store Age, “nearly 80 per cent of IT security professionals across the United States, Canada, UK, Mexico, Australia, Germany, Japan, and Singapore believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years. Yet, few organisations are prepared to mitigate the risks.”
Whilst many organisations have response strategies in place to deal with cyber attacks, they are not necessarly holding external suppliers to the same security standards.
Tesla Asks Suppliers for Cash Back
- Tesla sent a memo to some of its suppliers, asking to return cash to the automaker, The Wall Street Journal reported. Tesla did not respond to Supply Chain Dive’s request to confirm the memo
- The automaker told the Journal it is looking for price reductions from some of its suppliers to improve competitive advantage.
- Since the beginning of the year, “we’ve seen a huge run up” in the amount of money due to suppliers, Bill Danner, president of CreditRiskMonitor, a financial risk analysis and news service, told Supply Chain Dive. The figure, however, isn’t unexpected as Tesla ramps up production of the Model 3
- At the end of the first quarter of 2018, Elon Musk assured Tesla shareholders he’s feeling “quite confident” the auto company will have positive cash flow in the third and fourth quarters of the year
‘Change public procurement rules in response to heatwaves’
- In a report on heatwaves, the Environmental Audit Committee (EAC) said “extreme temperature events” in Europe were now 10 times more likely than in the early 2000s
- “The government should make businesses aware of the developing threat of heatwaves and the economic consequences,” said the report
- “Procurement rules should be updated so that schools and the NHS do not spend public money on infrastructure which is not resilient to heatwaves
- “Research on the economic consequences of heatwaves concluded that there was a more significant cost to the economy than benefit,” said the report
Record-breaking Prime Day’s aftermath
- Now in its fourth year, Amazon Prime Day has grown into a major shopping event that not only drives online sales but creates ripple effects throughout the entire retail industry
- But suppliers and retailers must prepare for a surge in consumers returning goods — or risk products turning in to “dead money”
- Amazon recently announced it had sold more than 100 million products on Prime Day 2018, making it the biggest on record since it started the event in 2015
- But now in the middle of its 30-day return period from Prime Day, Amazon and several retailers are likely fielding the return of hundreds of thousands or even millions of products