UK Accuses Russia Of Massive Cyberattack on Global Supply Chains

Maersk, TNT and other global companies that suffered nearly a billion dollars in collective damages were not the intended targets of a Russia-launched cyberattack. How, then, were they infected?   

“The UK government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyberattack. Its reckless release disrupted organisations across Europe costing hundreds of millions of pounds. “We call upon Russia to be the responsible member of the international community it claims to be, rather then secretly trying to undermine it.”

This statement was part of the UK Government’s unusual step last week of publicly accusing the Russian military of being behind a cyberattack. The White House also called out Russia, issuing the following statement: “In June 2017, the Russian military launched the most destructive and costly cyberattack in history. This was also a reckless and indiscriminate cyberattack that will be met with international consequences.”

Experts believe that Russian hackers launched 2,000 “NotPetya” attacks in the early hours of June 27 last year. NotPetya was designed to masquerade as ransomware, but was soon revealed to be wiper malware with the purpose of destroying computer systems, erasing data and disrupting business operations.

Global firms were collateral damage

One of the consequences of living in a connected world is increased vulnerability to indiscriminate cyberattacks, even for organisations that are not the hackers’ intended victims.

NotPetya’s primary target was a shipping company in Ukraine, which has been locked in conflict with Russian-backed separatists since 2014. However, the virus-like nature of the cyberattack meant that businesses with strong trade links with Ukraine, including parts of FedEx, Danish shipping giant Maersk, UK manufacturer Reckit Benckister, and Dutch delivery firm TNT were also affected. Pharmaceutical firm Merck & Co and FedEx reported permanent damage to the systems, while a West Virginia health system had to replace its entire network after being attacked.

Russian officials have responded that the claims are “groundless” and that Russian businesses were among those whose systems were affected.

Read more: Wall Street Journal


In other news this week:

Unilever Publishes Palm Oil Supplier Data

  • In a move to boost transparency, consumer goods giant Unilever has published the location of over 1,400 mills and over 300 direct suppliers of palm oil.
  • The palm oil industry is under increasing pressure from consumers after revelations of deforestation and human rights abuses in Indonesia and other countries.
  • A spokesperson from Unilever said the company hoped that sharing the information would be the start of a new industry-wide movement towards supply chain transparency.

Read more: The Straits Times


Tennessee Truck Dealership Selling Dirty Engines

  • A loophole in emissions control laws has enabled a truck dealership to sell Peterbilt and Freightliner trucks with rebuilt diesel engines that spew 40 to 55 times the air pollution of other trucks.
  • The New York Times reports that the loophole is being “championed” by Environmental Protection Agency administrator Scott Pruitt after the Obama administration failed to close it.
  • The trucks are known as “gliders” because they are manufactured without engines and are later retrofitted with the rebuilt, 1990s-era engines recovered from salvage yards.

Read more: New York Times


CIPS Announces New Group CEO

  • The Chartered Institute of Procurement & Supply (CIPS) last week announced the appointment of Malcolm Harrison (FCIPS) as Group CEO.
  • Currently Chief Executive Officer of the Crown Commercial Service at The Cabinet Office, Harrison will take over the post from the current interim CEO, Gerry Walsh, in July 2018.
  • The announcement comes nearly one full year after the sudden passing of former CEO David Noble in February 2017.

Read more: