BlueVoyant Finds Ransomware Attacks on Shipping and Logistics Firms Triple
April 22, 2021
released its newest report: Supply Chain Disruptions and Cyber
Security in Logistics. As Global health is dependent upon the
immediate, safe and effective distribution of the COVID-19
vaccine, logistics firms are literally carrying the world
through the current crisis. Underscoring its vulnerability to
attack, U.S. Policymakers have put a spotlight on cyber security
in the supply chain with recent Executive Orders enacted to
secure maritime shipping and logistics.
Key Report Findings:
Unprotected Networks Vulnerable to Phishing/Spoofing Attacks
BlueVoyant’s assessment indicates the immediate need for shipping and logistics companies to dramatically improve IT hygiene and email security. This is clearly underscored by the fact that 90% of the companies studied had open remote desktop or administration ports at IP addresses on their network, and most appeared to have email security vulnerabilities. The report also shows that domains belonging to 14 of the 20 companies studied have no protection against phishing and spoofing attacks, 16 of the 20 companies have devices running unsupported software on their networks and half of the companies appear to be running software with high-severity vulnerabilities on their servers.
COVID-19 Vaccine Delivery Focuses Attackers on Supply Chain
High-profile cargo like the COVID-19 vaccine – and the data that goes with it – make shipping and logistics companies high-value targets to cybercriminal and national state actors aiming to disrupt government efforts and steal sought-after vaccine data. This places additional burden on a sector that, in the past, has already faced significant disruption from cyberattacks. Consider the 2017 global NotPetya ransomware attack that froze Danish shipping firm Maersk’s worldwide logistics operations, costing the firm a whopping $250-300m.
Commenting on the research, Thomas Lind, Head of Strategic Intelligence, BlueVoyant said: “IT management issues, such as those observed in our assessment, played a key role in NotPetya’s infection of Maersk’s systems; an especially damaging case which served as a violent wake-up call for the logistics industry. Alarmingly, more than four years later, the sector remains vulnerable to malicious cyber activity, and specifically vulnerable to ransomware attacks.”
Securing America’s Supply Chain
In February of this year, the Biden administration signed an Executive Order on America’s Supply Chains to secure and bolster the American supply chain and mitigate its vulnerability to attack, highlighting its critical role in the delivery of the COVID-19 vaccine. There are also a number of actions logistics and supply chain companies should immediately implement to mitigate against future attacks and improve their operational preparedness. These include securing email services and mail servers against phishing and spoofing, securing port and network configurations, updating and patching software, being aware of OFAC regulations and utilizing advanced security services to protect against the multi-faceted and evolving threat landscape.
Jim Rosenthal, co-founder and CEO, BlueVoyant, concludes: “Widespread vulnerabilities persist at a time of increased scrutiny and critical reliance on supply chains; as countries around the world wait for efficient and safe vaccine distribution programs, and as entire work-from-home economies rely heavily on global shipping. The Biden Executive Order demonstrates increased national focus on and critical support for this sector. Given the sensitivity of distribution networks to disruption, the global reliance on supply chain businesses, and the lingering warning of the NotPetya attack, it is a critical and immediate imperative for this sector to become more resilient against ongoing cyber threats.”