Procurement Leader's Guide To Ransomware


An understandable guide to the invisible threat disrupting supply chains.

What is ransomware?

Ransomware is a type of software used by cyber criminals to help them make money from their targets (either companies or individuals).  
 
It does this by "encrypting" their files (making them completely unusable) and then charging a fee (or 'ransom') to restore them. A real-life example can be found in the accompanying image. 
 
In the majority of cases, paying this fee will result in files being unlocked. The consequences for not paying can be significant – with the encrypted files often being released onto the dark web. The UK suffers the highest number of ransomware attacks globally. 

Why should Procurement teams be concerned about ransomware?

Procurement operations can be significantly affected by ransomware targeting suppliers, making cyber risk an important factor in supply chain risk management.  
 
One of the most significant impacts of such attacks is the disruption of operations. When a supplier's systems are compromised, it can lead to delays in the delivery of goods and services, which can have a domino effect throughout the entire supply chain. This can result in lost revenue, damage to reputation and customer trust, and potential legal and regulatory consequences. 
 
Any sensitive information held by the supplier could be in the criminals' hands and can be used by them or their affiliates to inflict direct harm on your business or customers.  
 
Examples may be defrauding customers (if their information was included in the data) or using the information gleaned in the breach to directly target your business. A single copy of an email exchange with a member of a company's procurement team can be enough information to launch a convincing phishing campaign which leads to that business being the next target of a ransomware campaign. 

How does ransomware get onto computers?

Infecting a company's systems with ransomware is incredibly easy for criminals. All it takes is one person to click a malicious link and download their ransomware software without even knowing it. The criminals are then able to move through the target company's network, infecting more systems until they begin their encryption. Two thirds of ransomware attacks happen this way. 
 
Companies are not defenceless. There are a large number of tools they can use to protect themselves. Many large businesses employ entire cyber security departments specifically for this purpose. Unfortunately, cyber security is a never-ending game of cat-and-mouse, with criminals finding new ways to infect systems faster than the vulnerabilities can be patched.  

How many companies are attacked each year by cyber criminals? 

Ransomware doesn't discriminate and any type of business can be hit: from very small suppliers to global organisations. Because many victims of ransomware pay the ransom and don't disclose it, an exact number is impossible to calculate. Research suggests that a ransomware attack is carried out every 11 seconds.  
 
Some of the ransomware attacks identified by Darkbeam's proprietary dark web monitoring technology on one day in January 2023 include: 
  • A leading global electrical component manufacturer 
  • A chemical processing equipment provider 
  • A major food processing firm 
  • A chartered accountancy 
  • A regional court system 
  • A city housing authority 
  • A corporate law firm 
  • A tax law firm 
  • A country-specific branch of one of the world's largest outsourcing firms 
  • A dental manufacturing company 
  • A corporate telecommunications provider 
  • A general insurance company 
  • A training and recruitment firm in the banking sector 

Protecting your supply chain from ransomware

In reality, cyber risk in the supply chain cannot be completely removed. However, very few businesses take even the most basic steps to protect themselves. Only 11% even measure the risks to be addressed.  
 
The most common reasons for not addressing cyber risk in the supply chain are a lack of time, a lack of expertise and a lack of available budget.
 
To help Procurement teams address the growing risk of ransomware impacting their supply chain, Darkbeam created a fully managed Supplier Cyber Risk Management Service. This allows your team to focus on what they do best, while our highly experienced cyber Analysts continuously measure risk levels across your supply chain, monitor for threats against key suppliers, provide high-level reporting and support strategic decision making. 
 
To learn more about how Darkbeam can support your Procurement operation's cyber risk management, enter your email below or click here to book an introductory call.