Skip to content
Search AI Powered

Latest Stories

Press releases are provided by companies as is and have not been edited or checked for accuracy. Any queries should be directed to the company issuing the release.

Resilience360: How Hackers Leverage COVID-19 to Disrupt Supply Chain Operations

As the COVID-19 pandemic shows little sign of wavering, commercial IT vulnerabilities that were created, exposed, or accentuated by new global health circumstances have also crystallized rather than subsided.

Resilience360: How Hackers Leverage COVID-19 to Disrupt  Supply Chain Operations

Over the past month, Resilience360 has recorded cyberattacks on major manufacturers in the automotive, aerospace, and health & life sciences industries, among others. As the COVID-19 pandemic shows little sign of wavering, commercial IT vulnerabilities that were created, exposed, or accentuated by new global health circumstances have also crystallized rather than subsided.

“The COVID-19 working environment has created new IT vulnerabilities and has accentuated known vulnerabilities for commercial enterprises,” said Daniel Boccio, Risk Intelligence Analyst, Resilience360. “Attacks on maritime and offshore energy enterprises have increased four-fold, compounding damage to businesses that were already confronting market shocks. This has spared no industry; even critical life sciences and healthcare facilities and institutions have found themselves the victims of attacks, despite pacts by some ransomware groups to spare them from targeting.”


“Once a commercial IT network has been compromised, hackers may be able to steal sensitive information in a data breach or shut down systems operations until a ransom is paid,” continued Boccio. “One can expect exploitation of the pandemic in cyberspace to include, but not be limited to, phishing, exploits with refined lures to either exploit information or install malware, or to exploit vulnerabilities in minimally populated and/or remote workplaces.”

Below, Resilience360 details the two methods of exploitation that are most commonly being employed to disrupt commercial IT networks during the COVID-19 pandemic.

Phishing:
The most common method utilized by hackers to compromise IT networks, phishing. Phishing involves the impersonation of legitimate governmental, business, or personal entities in order to “fish” for a victim that will enable access to a network. This is often facilitated by tricking the victim into clicking a dubious link with malicious software — malware — embedded. Hackers often include information of public or personal interest to increase open and click rates. With the emergence of the COVID-19 pandemic, hackers have seized the opportunity to develop “phishing lures” designed to exploit strong public demand for updates on the constantly evolving global health situation, accentuating the risk of attack by this method.

Remote and office workstation security exploits:
The rapid transition to remote, digital workstation solutions and the corresponding decrease in activity at office workstations have generated new vulnerabilities for commercial enterprises. In a physical sense, below-average volumes of workers on-site create new opportunities for security breaches. Absences from stationary workstations or server rooms, or even the open display of PII, FI, and credentials around an office, can create an untold number of opportunities for an intruder or unauthorized visitor to compromise business systems.

To combat these tactics, Resilience360 recommends that customers work with their suppliers on the following measures:

● Maintain data backups: Supply chain managers can work with suppliers to verify or stipulate that they are maintaining system backups. Regular and thorough backups are the best mitigation against ransomware, regardless of inclination to pay. As a best practice, companies which maintain ongoing, comprehensive backup programs create an effective “mirror” of current operations, enabling them to quickly jump to a parallel system in the event of an attack.
● Know your defenses: Mindful that customers will be challenged to assess cybersecurity across the entirety of an organization, firewall and vulnerability mitigation should be prioritized for those with not only the greatest access to the customer’s host network, but also for those with the greatest exposure to threats. This measure of exposure includes factors such as industrial control systems known to be vulnerable, or location or in an industry known to be a frequent target for attacks. Keeping abreast of the latest threats that target backups can further enhance an organization’s defense posture.
● Enhance physical security: Verify that suppliers have adequate measures in place to protect office environments from compromise. While offices remain below normal occupancy, customers should ensure that supplier facilities have secured any physical documents with potentially compromising PII, FI, and credentials to reduce exposure.
● Synchronize threat preparation and response: Ensure that suppliers have business continuity in place should a cyberattack occur. Such preparation to enhance coordination and minimize confusion in the event that a crisis strikes can allow all parties involved to save time and act in unison to maintain supply chain agility.
● Know the systems of your suppliers: Awareness of technological tools, hardware, equipment, and operational systems of suppliers can empower those responsible for information security on your team to anticipate potential disruptions and take a proactive role in helping supply chain managers to mitigate threats amongst suppliers.
● Ensure social engineering awareness: Collaborate with IT partners to conduct realistic, frequent, and varied phishing testing at the supplier level and across the supplier network in order to identify vulnerabilities and reduce to the greatest extent possible the threat field that a potential hacker can exploit. Maintain information-sharing relationships with appropriate law-enforcement bodies to further enhance awareness and protection and encourage suppliers to do the same. Supply chain managers must also collaborate with IT teams to determine impact to a disrupted business, obligations to maintain cybersecurity, and standards to maintain, such as ISO/IEC 20071/2.

For a complete list of all of Resilience360’s COVID-19 supply chain research, please visit https://www.resilience360.dhl.com/coronavirus-supply-chain-resources/.

https://www.resilience360.dhl.com/wp-content/uploads/2020/08/20200806_COVID-19-Pandemic-creates-opportunity-for-innovative-cyber-threat-campaigns.pdf

The Latest

More Stories

​OPEX® Sure Sort® X with Xtract™ Warehouse Automation System Is Named a Finalist in the New Equipment Digest NED Innovation Awards

MOORESTOWN, NJ (December 18, 2024) OPEX® Corporation, a global leader in Next Generation Automation providing solutions for document, mail, and warehouse automation, has been selected as a finalist in the 2024 NED (New Equipment Digest) Innovation Awards, which celebrates innovations in industrial technology, tools, and equipment that empower businesses to work faster, better, and more cost-effectively.

OPEX Sure Sort® X with Xtract™, a high-speed automated sortation and order retrieval system, was recognized in the NED Innovation Awards Automation category.

Keep ReadingShow less

Featured

Hy-Tek Intralogistics releases Top Trends for 2025

Columbus, OH – December 18, 2024 – Hy-Tek Intralogistics, a premier provider of software, systems and services for supply chain automation technology, has released an episode of its popular podcast Automation Insider that looks at warehousing trends for 2025.

Automation Insider is a podcast created for people interested in what is new and what is successful in logistics and automation technology across a wide range of industries.

Keep ReadingShow less
Averitt Promotes David Fussell to Vice President of Dedicated Sales

Averitt Promotes David Fussell to Vice President of Dedicated Sales

COOKEVILLE, Tenn. — Averitt has promoted David Fussell to vice president of dedicated sales, following the retirement of Walt Gray.

Fussell joined Averitt in 1991 and has held several key positions throughout his career. He served as a transportation sales specialist in Decatur and Nashville, later becoming service center director in Little Rock. In 2018, he transitioned to director of dedicated sales, working closely with Gray to expand the company’s dedicated accounts and deliver customized solutions to customers.

Keep ReadingShow less

Schneider is first major carrier to achieve six million zero emission miles with the Freightliner eCascadia

GREEN BAY, Wis.-- Schneider National, Inc. (NYSE: SNDR), a premier multimodal provider of transportation, intermodal and logistics services, is marking another significant milestone as its battery electric vehicle (BEV) fleet has surpassed six million zero emission miles, highlighting its commitment to reducing carbon emissions and advancing cleaner transportation.

“Reaching six million zero emission miles is a testament to our steadfast dedication to sustainability and innovation,” said Schneider President and CEO Mark Rourke. “Leading the way in adopting electric vehicle technology not only benefits the environment but also serves as an example of the broad service capabilities and flexibility we can offer to customers.”

Keep ReadingShow less
Roboteon announces breakthrough simulation capability for mobile robots in distribution

Roboteon’s Warehouse Robotics Fulfillment platform

Photo courtesy of Roboteon

Roboteon announces breakthrough simulation capability for mobile robots in distribution


Roboteon, provider of a powerful software platform for warehouse robot enablement, announces breakthrough simulation capabilities in its platform for robotics and other warehouse automation. The new tool help companies make better decisions across multiple time horizons, from initial automation planning through real time execution on the floor.

Interest in Autonomous Mobile Robots (AMRs) and other robotics is high, but there remains much uncertainty about use cases, the number of AMRs and humans needed across different time horizons, expected operational improvements, and cost savings from the robotics investment.

Keep ReadingShow less