Attack on Giants


June 7, 2021

We have previously written a blog on the Colonial Pipeline cyber attack, and now, just one month later, the hackers strike again hitting yet another huge supplier, this time a food supply giant; JBS USA. Hackers are moving more strategically than ever, looking for a big impact attack with higher chances of yielding financial results, so as identified by the NCSC what we are seeing is a shift in trend from small organisations being hit by ransomware attacks to the attacks now being made on supply chains.

Attacking a small organisation is of course disruptive, but the impact of a small organisation being brought to a stop will be catastrophic to them but generally isn’t hugely impactful beyond them on a national or international scale. JBS USA reportedly employs 250,000 employees worldwide, with facilities in Australia, the U.S and Canada. Since the incident was first reported on the 30th May 2021, plants have been shut down, workers sent home, livestock sent back to farmers, and food supply chains are being impacted heavily. The tentacles of the attack stretch much further than they could within a small organisation, therefore having a much larger impact, and directly affecting the consumer too. This puts significantly more pressure on the organisation to pay the ransomware to be able to resume business.

In response to these recent attacks, the U.S Department of Justice (U.S D.O.J) released a memo on the 3rd June 2021 therein stating; “Recent ransomware attacks - including the attack last month on Colonial Pipeline - underscore the growing threat that ransomware and digital extortion pose to the Nation, and the destructive and devastating consequences ransomware attacks can have on critical infrastructure.” The U.S D.O.J. will be taking much harsher measures when pursuing cyber criminals involved in ransomware attacks and will investigate them using similar measures to those used against foreign and domestic terrorists.

There are lots of discussions on how to deal with hackers; at the NCSC CYBERUK 2021 virtual conference UK Home Secretary Priti Patel stated: "Government has a strong position against paying ransoms to criminals, including when targeted by ransomware”. This advice however, is becoming harder to follow when you consider the financial loss experienced by those being blocked by the attack, and especially when cyber criminals hit health care organisations and other critical infrastructures, so many organisations are being forced to make some very difficult decisions. Aggressively analysing cryptocurrency exchanges so hackers can't cover their tracks and convert ransom payments to fiat currency is a long and arduous task. But these all relate to post attack recovery. So as the saying goes, “prevention is better than cure”; adopt, implement and maintain necessary and adequate security measures. This now includes doing due diligence on your supply chain too; we are seeing with increased frequency that if part of your supply chain is brought to its knees, it will have a knock-on effect on your business and inevitably your consumers too - you are only as strong as your weakest link. 

Darkbeam helps give visibility of the risk associated to your entire supply chain, by being able to scan the cyber posture of thousands of suppliers in a matter of minutes. We show you what the hackers see; which of your vendors have poor cyber hygiene and where the chinks in your supply chain armour are, allowing you to take the necessary remediation steps. If you would like to bulk scan your supply chain and see where any might be, please get in touch!

 

Natasha Bianchi