Tag Archives: cyber threat supply chain

Don’t Lower The Drawbridge: Defending Your Procurement Kingdom From Cyber-Attackers

Protect your company against cyber-attacks by learning how to detect, defeat, and defend against criminals.


Cybersecurity issues are a massive threat to supply chains.

Just last year, there were 290 cyber-attacks that specifically targeted supply chain companies, according to a report from DHL.

“Increasingly, these attacks are hitting technical infrastructure, such as industrial control systems, in addition to their more traditional targets in corporate IT networks,” the report says. 

“Managing the cyber risk for supply chain operations will require greater collaboration both within the organisation and across the entire supply chain network.”

What will collaboration look like? That all depends on how the industry chooses to respond.

But everyone in the supply chain has a role to play in thwarting cyber-attacks, including procurement teams.

Here is your guide to detecting, defeating, and defending against cyber crime.

What is a cyber-attack?

Let’s take a step back to understand cyber-attacks.

IBM defines a cyber-attack as a “deliberate exploitation of computer systems and networks using malicious software (malware) to compromise data or disable operations.”

And they are certainly common. In fact, there’s a cyber-attack every 39 seconds according to the University of Maryland.

There are many ways hackers steal data, but two of the most common are exploiting IT system weakness and employee error.

Why do hackers launch cyber-attacks?

By far the biggest motivation is money. Criminals steal your information and use it to:

·  sell on to other criminals

·  steal your identity (credit card info, etc)

·  blackmail you by controlling your computer, demanding a ransom

These criminals are looking for the quickest and easiest ways to make money. Much like a thief that checks all the doors in a neighbourhood trying to find one that’s unlocked, says security expert Lillian Ablon.

Ablon was asked to give testimony to the US House Financial Services Committee about cybercrime structure and motivation.

“These [cybercrime] markets are dispersed, diverse, and segmented—rapidly growing, constantly changing, and innovating to keep pace with consumer trends and prevent law enforcement and security vendors from understanding them,” Ablon explained. 

“They come in many forms.”

Who are these hackers?

Forget the stereotype of a lone hacker in their mother’s basement; these criminals operate a highly-sophisticated business structure. 

They often work in a coordinated pyramid, from the top-dog administrators through to brokers and mules. 

There are even vendors so you can buy criminal applications as-a-service. That means the end-buyer doesn’t have to be a tech genius to exploit companies and individuals.

“Cybercriminals are always looking for exotic ways to use or monetise stolen data in ways that law enforcement and security vendors are not looking for or have not yet figured out,” Ablon said.

And they’re only getting sneakier, which is why you need to make sure your drawbridge isn’t lowered.

What happens when your company is cyber-attacked?

Cyber security attacks in procurement generally result in one of two outcomes, says Nigel Morris, Director of Technology Advisory Services at accountancy firm BDO.

“A full or partial shutdown of systems resulting in an organisation being unable to operate as normal, or a hacker gaining access to corporate or personal data,” Morris says.

“Examples of the former are customers and suppliers being unable to process orders, shipping lines being unable to move containers and logistics service providers being unable to manage warehouses and distribution,” Morris says.

He explains the most frequent cause of the system shutdowns is data being encrypted or erased. Then the systems have to be rebuilt by reinstalling applications and restoring data from backups.

And stealing data can include the “loss of customer or supplier bank or credit card details, leading to fraudulent financial activity,” Morris says.

That’s why he encourages organisations to use cybersecurity best practice, ensuring software is kept up to date, anti-virus/malware tools are deployed, data is encrypted, and staff are consistently trained to recognise and avoid cybersecurity threats.

How do you know if you’ve had a cyber-attack?

It’s really hard to tell if you’ve had an attack. In fact, it’s not uncommon for attacks to go unnoticed for months, says Robert Schifreen, an IT security consultant.

And he would know. He notoriously hacked UK royal Prince Philip’s emails back in the 1980s.

As an ‘ethical’ hacker, Schifreen kindly told the email provider about their security blunder – only to be arrested and sent to court.

His trial led to the first ever UK law against hacking. Now Schifreen helps companies prevent and detect attacks. 

“If you’re lucky, there will be tell-tale signs,” Schifreen says. 

“I always tell my clients that the ideal sort of hack is when someone defaces the front of your web site and fills it with something offensive. Because you’re going to find out about it within seconds of it happening. You then simply wipe the server, restore from backup, change all your passwords, and job’s done.”

But often, it’s a lot more subtle. “It might be months before you notice it as part of a routine audit,” Schifreen says. “There probably won’t be any signs on the server that this has happened, unless you look carefully.”

He says your IT team should be monitoring key files on your servers, looking for unsuccessful attempts to log in. They should also revoke user passwords when a staff member leaves the company.

What to do if you discover a security breach

If you realise your company has experienced a security breach, there are a few actions to take immediately.

Nadia Kadhim, a legal advisor and co-founder of cybersecurity company Naq Cyber recommends these steps:

– Contact relevant law enforcement

– Tell senior leadership and staff what happened, the suspected cause, and any other relevant information 

– Let customers and other external people like suppliers know if they could be affected

– Analyse what happened

– Contain the spread

– Resolve

– Review

Kadhim also says when a potential data breach occurs, you should immediately start collecting data. Not only is this important for your own records, but you might need it if you’re legally required to tell authorities about the breach.

“You have to create a report that analyses the situation and really sets out in detail what has happened, what the possible cause is, what you’ve done to contain it, solve it, and prevent it for future reference,” Kadhim explains.

“On the basis of this you have to decide whether you will have to report externally. After that, you will do an in-depth (technical) analysis and put that into the final report, but for the external reporting, you have to act quick, so you can’t wait for this.”

How to avoid future attacks

It’s impossible to fully protect against an invasion, even with all the best technology defences in place.

As legal advisor Nadia Kadhim says, companies often focus too much on the tech and not enough on the people.

“Most cyber-attacks happen because of human behaviour; whether it is reusing passwords, leaving laptops unlocked, sending and storing personal data through and in email, clicking on dangerous links, or visiting “those” websites,” Kadhim says.

And it’s true. Just over half of data breaches are caused by employees using IT resources inappropriately, according to research from security firm Kaspersky.

That’s why training and awareness is crucial.

“This way, cyber security becomes part of day-to-day business, and drastically reduces the exposure,” Kadhim continues.

That culture of security can also encourage staff to be open if they mess up, leading you to detect breaches sooner. It’s important because in 40% of businesses globally, employees hide a security incident when it happens.

“Only when awareness is created throughout the entire company, and is combined with the necessary technical measures and legal safeguards and documentation, [companies] can really protect themselves and [minimise] legal repercussions following cyber-attacks,” Kadhim says.

Teach staff

Part of staff awareness is knowing the sudden jump in remote working makes companies more vulnerable.

Nigel Morris, from accountancy firm BDO, says: “There is no doubt that remote working increases the cyber-attack surface area; put simply, there is more technology for a hacker to attack.”

If employees are often the weak link, what do your teams need to know?

Morris advises:

– Do not open attachments from unknown sources or follow links to unknown websites. Doing so will frequently activate malware (software designed to damage your computer).

– Be aware of the various forms of phishing (when you’re sent an email or text that looks like it’s from a legitimate, well-known company, but it’s actually from a criminal trying to persuade you to hand over personal info like log-in details). More on how to spot phishing.

– If in ANY doubt, don’t click the link or open the attachment. Contact your IT team who can check the validity of the email content.  

The crimes don’t always happen on your own soil.

Employee accounts can be compromised by huge data breaches at other global companies. Like the infamous 2017 Equifax hack where criminals stole personal details from 147 million Americans and 15 million British citizens.

That’s why your employees should change passwords often.

They may want to use the site “Have I Been Pwned” to check if their accounts have been compromised.

Protect info

Put simply, your company is a target because it stores valuable information that criminals want. They don’t care if you’re a big company or small.

One cyber-attack could be enough to shut down your operations until you get to the bottom of it.

That’s why it’s so important to guard your information, says Michael Rösch, Senior Vice President of Customer Engagement Europe at procurement software provider JAGGAER.

“In procurement, price information could be very valuable if you as a supplier participate in an online auction for a multi-million euro deal in the automotive sector,” says Rösch.

On the other hand, commodity products like pencils, notebooks and other office supplies aren’t of interest so the information isn’t as sensitive, Rösch adds. He recommends classifying data carefully and protecting accordingly.

Procurement teams are responsible to defend against attacks by understanding weaknesses across the supply chain, says Jon Hansen of the Procurement Insights Blog.

“As supply chains become more global and extended, the potential breach points will also increase,” Hansen wrote in Supply Chain Professional.

“Being able to identify said breaches is critical to security your network proactively.”

The cost of an attack

Attacks don’t affect all companies the same.

In 2019, the average cost of a data breach was USD $3.9 million (£3.1 million or AUD$5.6 million).

And there were 8.5 billion records breached last year – three times more than 2018, according to IBM.

Which might be fine for larger companies that can withstand a huge financial blow like that, but it could ruin smaller companies.

10% of SMEs went out of business after experiencing a cyber-attack, and 25% filed for bankruptcy, reports the US National Cybersecurity Alliance.

So it’s hugely important to take precautions by getting your systems and processes in place, and training employees on how to avoid falling victim.

The aftermath of an attack

After all, cyber criminals thrive on fear, and a pandemic is the perfect backdrop.

Cyber security risk increased by 1.8 times this year over the same period last year, according to research from riskmethods. 

That’s because criminals can shift quickly and exploit chaos, says Danny Thompson, SVP of Market and Product Strategy at apexanalytix

Companies are particularly at risk when “normal controls aren’t in place or the key control personnel are out of pocket, or the backup controls don’t get the job done,” Thompson explained during a Procurious webinar in May

“Fraudsters know to strike at times like that and they take advantage.”

Interestingly, Microsoft says there hasn’t been a huge increase in the overall number of cyber-attacks this year.

These criminals are relying on the same old methods of stealing information (like phishing and malware). The only real difference is criminals swapping disguises – shifting to imitate a World Health Organisation official instead of a Nigerian prince for example.

Stay vigilant, educate staff on these common tactics, and you’ll have the best possible defences for your procurement kingdom.

Gone phishing – how to spot a fake email

Phishing is a common tactic used by cyber criminals to steal your personal information.

They send you a fake email or text that appears to be from a legitimate company. Then ask you to ‘confirm’ details like account numbers, passwords, etc

Even though these scams are becoming more sophisticated, it’s usually easily to spot a fake if you know what you’re looking for.

Kate Bevan, from UK consumer advocate site Which?, says there are common red flags in these phishing messages.

1) Urgency: A phishing email will usually have an urgent tone. It says things like “you must fill in your details/confirm your account/whatever immediately to avoid losing access to your account/to pay an outstanding bill/complete a failed payment.”

They are absolutely designed to get the pulse racing, so don’t fall for that. Check your account with the provider the email claims to be from by going to the website and signing in by typing the address into the browser: do not click a link in the email.

2) Not personalised: It almost certainly won’t address you by name. Instead, it’ll say “Dear Customer,” or something generic. A genuine email from a service provider will address you by name.

3) Bad grammar: Watch out for the language and how it’s written: a lot of these are written by people who don’t have English as their first language. Watch out for odd phrasing, poor spelling, and poor punctuation.

4) Weird links: Look at the link they want you to click. Ignore the text in the hyperlink; hover your mouse over it and see where it’s really taking you.

5) Leave it: If in doubt, don’t take any action. If it’s genuine the organisation will follow up.

What to do if you fall victim to a phishing scam

If you think you’ve given away your details to a phisher, change your password immediately and if you use that password on any other website, change it on those, too, Bevan suggests.

You might find this guide helpful from Which? on creating secure passwords.

And if you think a scammer stole your log-in details, keep a close eye on those accounts even after you change your password.

Cancel any debit or credit cards immediately if you suspect they’ve been compromised.

And if you do lose money, report it to local law enforcement and your bank.

Can you spot a fake?

Want to put your skills into practice? Bevan recommends trying out the phishing quiz from Google.

UK Accuses Russia Of Massive Cyberattack on Global Supply Chains

Maersk, TNT and other global companies that suffered nearly a billion dollars in collective damages were not the intended targets of a Russia-launched cyberattack. How, then, were they infected?   

wk1003mike/Shutterstock.com

“The UK government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyberattack. Its reckless release disrupted organisations across Europe costing hundreds of millions of pounds. “We call upon Russia to be the responsible member of the international community it claims to be, rather then secretly trying to undermine it.”

This statement was part of the UK Government’s unusual step last week of publicly accusing the Russian military of being behind a cyberattack. The White House also called out Russia, issuing the following statement: “In June 2017, the Russian military launched the most destructive and costly cyberattack in history. This was also a reckless and indiscriminate cyberattack that will be met with international consequences.”

Experts believe that Russian hackers launched 2,000 “NotPetya” attacks in the early hours of June 27 last year. NotPetya was designed to masquerade as ransomware, but was soon revealed to be wiper malware with the purpose of destroying computer systems, erasing data and disrupting business operations.

Global firms were collateral damage

One of the consequences of living in a connected world is increased vulnerability to indiscriminate cyberattacks, even for organisations that are not the hackers’ intended victims.

NotPetya’s primary target was a shipping company in Ukraine, which has been locked in conflict with Russian-backed separatists since 2014. However, the virus-like nature of the cyberattack meant that businesses with strong trade links with Ukraine, including parts of FedEx, Danish shipping giant Maersk, UK manufacturer Reckit Benckister, and Dutch delivery firm TNT were also affected. Pharmaceutical firm Merck & Co and FedEx reported permanent damage to the systems, while a West Virginia health system had to replace its entire network after being attacked.

Russian officials have responded that the claims are “groundless” and that Russian businesses were among those whose systems were affected.

Read more: Wall Street Journal

 

In other news this week:

Unilever Publishes Palm Oil Supplier Data

  • In a move to boost transparency, consumer goods giant Unilever has published the location of over 1,400 mills and over 300 direct suppliers of palm oil.
  • The palm oil industry is under increasing pressure from consumers after revelations of deforestation and human rights abuses in Indonesia and other countries.
  • A spokesperson from Unilever said the company hoped that sharing the information would be the start of a new industry-wide movement towards supply chain transparency.

Read more: The Straits Times

 

Tennessee Truck Dealership Selling Dirty Engines

  • A loophole in emissions control laws has enabled a truck dealership to sell Peterbilt and Freightliner trucks with rebuilt diesel engines that spew 40 to 55 times the air pollution of other trucks.
  • The New York Times reports that the loophole is being “championed” by Environmental Protection Agency administrator Scott Pruitt after the Obama administration failed to close it.
  • The trucks are known as “gliders” because they are manufactured without engines and are later retrofitted with the rebuilt, 1990s-era engines recovered from salvage yards.

Read more: New York Times

 

CIPS Announces New Group CEO

  • The Chartered Institute of Procurement & Supply (CIPS) last week announced the appointment of Malcolm Harrison (FCIPS) as Group CEO.
  • Currently Chief Executive Officer of the Crown Commercial Service at The Cabinet Office, Harrison will take over the post from the current interim CEO, Gerry Walsh, in July 2018.
  • The announcement comes nearly one full year after the sudden passing of former CEO David Noble in February 2017.

Read more: https://www.cips.org/en-cn/news/news/cips-announces-group-ceo-appointment/

Are Employees the Weak Link in Company Cyber Security?

Are your employees leaving the door open for cyber attacks? Here’s how to help them reduce the cyber security threat.

ESB Professional/Shutterstock.com

Employees are a significant risk to their employer’s cyber security according to research by specialist global executive search and interim management company Norrie Johnston Recruitment (NJR).

The research forms part of NJR’s cyber security report, ‘How real is the threat and how can you reduce your risk‘. The report shows that:

  • 23 per cent of employees use the same password for different work applications.
  • 17 per cent write down their passwords.
  • 16 per cent work while connected to public Wi-Fi networks.
  • 15 per cent access social media sites on their work PCs.

Such bad habits and a lack of awareness about security mean that employees are inadvertently leaving companies’ cyber doors wide open to attack.

This research is supported by a report which incorporates the advice from fifteen experts in the field. In it, Benny Czarny, Founder of OPSWAT, discusses the top tips to avoid massive data breaches.

With Sony recently setting aside $15M to investigate the reasons for, and remediate the damage caused by, last year’s data breach, many of our customers—from large enterprises to small business—are wondering what they need to do to make sure they aren’t the next big data breach headline.

The good news is that most data breaches can be prevented by taking a common sense approach, coupled with some key IT security adjustments.

1. Employees’ security training is an absolute necessity. 

I cannot emphasise this point enough, as your network is only as safe as your most gullible employee. Even the most sophisticated security systems can be compromised by human error. The Sony breach started with phishing attacks.

And people still also use USB devices from unknown sources, which is allegedly how the Stuxnet worm was delivered.

2. Access to executable files should be limited to those who need them to complete their duties. 

Many threats are borne via self-extracting files. Therefore, limiting the number of employees who are allowed to receive this file type limits your exposure.

Your IT department absolutely needs the ability to work with executable files. Bob in accounting? Not so much!

3. MS Office documents and PDFs are common attack vectors. 

Vulnerabilities are identified in MS Office and Adobe Reader on a regular basis. While patches are typically released very quickly, if the patches are not applied in a timely fashion the vulnerability can still be exploited.

As an everyday precaution, document sanitisation is recommended to remove embedded threats in documents.

4. Data workflow audits are essential. 

Data can enter your organisation through many different points – email, FTP, external memory device, etc. Identifying your organisation’s entry points and taking steps to secure them is a critical step in avoiding data breaches.

At a minimum, scanning incoming and outgoing email attachments for viruses and threats, and implementing a secure file transfer solution, should be considered.

5. Store sensitive data in separate locations. 

Simple data segregation could have mitigated the impact of the Sony breach. The hack exposed both internal communications and unreleased video files.

Had the videos and emails been stored on two separate systems some of the damages may have been prevented.

6. Internal and external penetration tests are critical. 

Internal testing is a valuable tool, but hiring an outside party to attempt to breach your network will identify security holes your team may have missed.

7. Keep your security architecture confidential. 

You may be excited about your innovative networking solution or new cloud-based storage system, but think twice about making any of that information public!

8. Remember that traffic generated internally to your security system may still be suspect. 

For example, the Sony malware connected to an internal security system to impersonate legitimate traffic to disguise its malicious nature.

9. Multilayer defence is needed. 

I like to describe defence in depth by comparing it to the defence systems you might see at a castle. It could be defended by a large stone wall, followed by a deep moat, followed by a draw-bridge, followed by an iron gate, etc.

A single layer of defence is not sufficient for your data. It must be protected by multiple systems working in parallel. That way if one layer is breached your data is not exposed.

10. Finding your weakest security link is your top priority. 

Every office has one, and it will vary wildly from organisation to organisation. It might be the employee with their passwords taped to their monitor. It might be the deprecated Linux server everyone seems to have forgotten about.

You might not be looking for those weak links, but rest assured that cyber attackers are. The question is: Who will find them first?”

To read more useful and practical insights into topics including how to assess the scale of your risk level and managing the immediate aftermath of a security breach, download the full report.


Looking for an introduction to Cybercrime? Check out this article from Cloudwards. 

US Intelligence to Aid Supply Chains Against Cyber Attacks

A new US Intelligence campaign is set to help supply chains defend themselves against cyber attacks.

supimol kumying/Shutterstock.com

As businesses and supply chains grow increasingly more global, inevitably risk increases at the same rate. One of the most high profile risks for supply chains currently is are cyber attacks and hacking.

With each passing year, the cyber attacks get bigger. In June, the Democratic National Committee was breached by Russian hackers, and 20,000 e-mails, linked to Hillary Clinton’s Presidential campaign, were posted online.

In March, the Bangladesh Federal Reserve lost $100 million to hackers, with only $20 million recovered so far. Over 4,700 cyber attacks have been reported in the US alone since 2005, impacting hundreds of millions of people.

However, organisations with cross-border supply chains are about to get a helping hand in the fight against cyber attacks.

Cyber Attacks & Vulnerable Supply Chains

The National Counterintelligence and Security Centre will provide sensitive information, including classified threat reports, to companies about the risks of hacking in their supply chains.

The move is part of an effort to increase responsibility and education for organisations for supply chain security. It has previously been highlighted that there is a lack of understanding in US companies that having international suppliers makes supply chains vulnerable to cyber attacks.

“The supply chain threat is one that’s the least talked about but is the easiest to manipulate for all aspects of our daily lives,” said NCSC Director, William Evanina.

Domestic & Foreign Threats

The NCSC campaign will initially focus on supply chains linked to both China and Russia, the alleged sources of previous hacks. However, it will also be aimed at domestic hackers, criminal enterprises, and even disaffected former employees.

The campaign will prioritise telecommunications, energy and financial services corporations first. This is in part due to the nature of the business, but also their strategic importance to US national security.

And as well as cyber attacks, the NSCS will also be providing information and advice on so-called “hands on” crimes, such as stealing of classified information, or destruction of sensitive equipment.

Procurement Must “Play Full Part”

As part of the efforts to reduce cyber attacks, the key role of procurement has been highlighted. Evanina emphasised that procurement need to be fully integrated with other areas of the organisation to help mitigate risk.

He highlighted the role of ongoing due diligence to support initial investment in cyber security software and programmes. This would be carried out by procurement, but in partnership with the other areas of the business.

Evanina expands on the role of procurement in this video. He states that research into suppliers, and their own supply chains is critical in mitigating the risk.

Wider World

Although the work to be carried out as part of the campaign is primarily aimed at US companies, the applicability is there for all global supply chains.

Many US-based companies will purchase goods from overseas suppliers, and at the same time there will be companies purchasing from US suppliers. The inter-connected nature of the supply chain, as well as increased connectivity across technological platforms, increases the risk to organisations.

Carrying out due diligence on suppliers, knowing the full supply chain, and, perhaps most importantly, ensuring procurement plays a full part in organisational security, is a way to help mitigate this risk.

Will your organisation be taking advantage of the advice from the NCSC? Will you be impacted by any changes that take place? Let us know in the comments below.

Want to know what’s happening in the world of procurement and supply chain? Well, we’ve picked out the key headlines from the past week to keep you up to date…

Verisk Maplecroft Releases Modern Slavery Index
  • Global Risk Analysts, Verisk Maplecroft, have released their latest supply chain modern slavery index.
  • According to the Index, modern slavery constitutes a ‘high’ or ‘extreme risk’ in 115 countries worldwide.
  • Major exporters China and India fall again into the extreme risk category. The UK is one of only four countries seen as ‘low risk’
  • The report notes that most countries have some form of anti-slavery legislation or framework in place, but lack the resources to enforce these laws.

Read more at Forbes

African Countries Ban Secondhand Clothing Imports
  • A ban on imports of secondhand clothing is to be implemented by the Governments of the East African Community.
  • The group, including Kenya, Tanzania, and Uganda, proposed the ban in order to stimulate the apparel industry in their countries.
  • It is hoped that the measure will also create jobs and bolster the countries’ economies.
  • The rise of ‘fast fashion’ has led to a dramatic increase in the region’s secondhand clothing imports over the past decade.

Read more at Sustainable Brands

Scotland Launches Brexit Stimulus Fund
  • The Scottish Government has announced plans to create a stimulus fund following the UK’s decision to leave the EU.
  • The fund will add an additional £100 million to capital spending to support Scottish businesses.
  • Funds will be allocated to projects based on jobs creation and impact on the overall supply chain.
  • The Government also announced the creation of Business Information Service to support businesses affected by vote.

Read more at Supply Management

Shipping Industry Struggles Continue
  • As the results for the first half of 2016 are released, the struggles in the shipping industry look set to continue.
  • Hapag-Lloyd and Orient Overseas have both reported first half losses for 2016, with Maersk expected to do likewise this week.
  • Decreasing freight rates and over capacity have been blamed for the current plight in the industry.
  • Hapag-Lloyd plans on acquiring United Arab Shopping Co., a deal that could deliver $400 million in savings annually.

Read more at the Wall Street Journal

Is shipping & the supply chain the ‘next playground for hackers’?

The International Maritime Bureau (IMB) is warning the maritime sector to be extra vigilant in light of increasing attacks from cyber criminals.

For a bureau that has traditionally focussed its efforts on fighting piracy and armed robbery at sea, this new digital threat puts an entirely different menace in its crosshairs.

The IMB has been quoted as saying, “Recent events have shown that systems managing the movement of goods need to be strengthened against the threat of cyber-attacks.

“It is vital that lessons learnt from other industrial sectors are applied quickly to close down cyber vulnerabilities in shipping and the supply chain.”

This is cause for concern for the maritime industry especially as ships, containers and rigs are all connected to computer networks. If hackers find but one weakness, it can expose the entire network and make it open to exploitation on a grand scale.

Various cyber security experts have sounded off on this very subject during the past few months, and the media has been quick to pick up on it.  Reuters reported that a floating oil rig was compromised by hackers who tilted it onto its side.  The rig was out of action for an entire 19 days while harmful malware was removed from computer systems.

In Antwerp hackers gained access to port-side computers that enabled them to target specific containers, before making off with the booty and wiping away any telltale digital fingerprints.

The latest warning from the IMB quotes Mike Yarwood – TT Club’s insurance claims expert, speaking at the TOC Container Supply Chain Europe Conference in London. “We see incidents which at first appear to be a petty break-in at office facilities. The damage appears minimal – nothing is physically removed.”

Mike continues: “More thorough post incident investigations however reveal that the ‘thieves’ were actually installing spyware within the operator’s IT network.”

In scenarios similar to the incident in Antwerp, hackers tend to track individual containers through the supply chain to its destination port. Along the way the IT systems related to the cargo are infiltrated, resulting in the hackers either gaining entry to (or generating release codes for) specific containers.

The International Maritime Bureau is a specialized department of the International Chamber of Commerce.