The latest cyber attack has seen Colonial Pipeline, which transports up to 45% of the oil used on the east coast of America, reportedly pay over $5 million in ransom to 'cyber-gangsters', DarkSide.
Announced as a State of Emergency by the US President, this targeted hack saw the US company lose service for five days causing major disruption within their supply chain.
Colonial Pipeline is not alone in these type of attacks. This year we have seen virtually every sector, both private and public, suffer business disruption due to some form of cyber attacks. According to Bitdefender there was a 485% increase in ransomwear attacks in 2020 over 2019 - with the average cost of an attack being $260,000, according to KPN. And this figure is likely to rise if we don't shift focus to prioritise third party security, and hold our supply chain to the same measures as we do for our own organisations cyber security.
Whilst there's no information currently on how this attack occurred, we are encouraging organisations to analyse their exposure to cyber risk and third party risk to ensure they aren't the 'easy access route' for a cyber criminal. Given how digitally connected modern supply chains are it just takes one small company to be breached for it to have much larger effects elsewhere. Take the attacks on Target and Solarwinds as an example.
Let's not be fooled, these cyber gangs work like any other organisation, with reports of the them earning collectively about $18bn a year. And they are not going to stop targeting companies when there's such high rewards/payouts - so it's up to us to make sure we (including our digital ecosystem) are as secure as possible. Protecting your organisation from the inside out isn't enough, we need to see through the eyes of the hostile attacker to see, and then defend, where they are likely to attack.
If you would like to understand your digital landscape in more detail then why not try our 90-day trial of our platform. This will give you an instant understanding of how secure your supply chain is and possibly prevent you from a cyber attack.