The modern technologically-advanced world offers huge potential benefits, yet with digital infrastructure comes new risks, and in this piece, we look at what these risks are, how they can destabalise a business, and how to defend against them.
One major concern for modern businesses is the sheer power cybercriminals have at their disposal.
For instance, cybersecurity experts Cybersecurity Ventures estimate that the market for crime in cyberspace will hit US$10.5 trillion by 2025.
Not only is this huge figure worrying because of the sheer amounts being stolen from individuals and companies, but also because of the temptation it provides for hackers and computer experts.
At present, a battle is being waged between top governmental bodies alongside cybersecurity firms, versus cybercrime syndicates, with the latter often being able of offering huge financial incentives to new potential hackers.
All things considered, this is a major concern for the supply chain sector whose future depends upon fast, efficient digital technology that provides big data storage, AI modeling, real-time visibility, and of course, online finance processing.
In this piece, we highlight 3 of the biggest threats facing the sector and explore what can be done about each:
1. Shielding Your Database
Databases are the proverbial 'bread and butter' for hackers, as gaining access to a database offers immediate insight into client and staff data, finances, transactions, and operations.
From here, cybercriminals can either rewire monies, sell or trade private data and even hold companies to ransom.
Recent history is littered with such attacks also.
Going back to 2012, we have the infamous Saudi Aramco hack that halted oil production, and while this attack was seemingly political not financial with a mission to find and destroy data rather than steal it, it showed the raw power of a cyberhack.
In the attack, cybercriminals were able to destroy 30,000 computers’ data, which led to a huge amount of information lost and halted operations at the company.
The Maersk Attack
In 2020, shipping giant Maersk faced an almighty crisis that cost the Danish company up to $300 million.
One lesser-mentioned element of this attack was that - and note this down carefully - Maersk wasn't the intended target of the attack.
What happened was that Maersk was interfacing with a company that was the target, and as there were vulnerabilities in Maersk’s systems, the software used to infect one company ended up infiltrating Maersk's systems.
Once this occurred, malware traveled through Maersk's entire global network, and all systems had to be shut down.
The attack cost Maersk hundreds of millions of dollars, sent shockwaves through the supply chain, and hit them where it hurts - in terms of reputational damage.
How to Defend Your Company
After the attack, Maersk was very eager to be open and transparent about the attack in an effort to both highlight the dangers of cybersecurity attacks and to salvage some reputational clout.
Maersk’s Head of Cybersecurity, Lewis Woodcock, has pointed out that firms need to know their core business processes in case of an attack, as well as having a data-recovery plan in place should the worst happen.
He said: "From there, you can really understand how to protect and secure and also recover – crucially in that order.
"This really requires more of a balance between the preventative measures and also your recovery measures.
"Companies which have this real focus between these two and investment will have better standing against future threats."
2. Social Media
You may not have expected social media to be on this list, but as it is so commonly used by individuals and businesses - almost 5 billion people have a social media account of some description - it has become a key arena for cybercriminals.
Social media cybercrime can take many forms, from scamming to constructing duplicate accounts to infiltrating the social media companies themselves.
How to Defend Your Company
The main thing for organizations to focus on here is ensuring you have dual locks on any social media accounts, that means business management has final authorization on any social media account access, and that passcodes are changed at least twice yearly.
Further, modern-day staff need to be cybercrime aware, and this means that they are aware as to professional protocol regarding intimate personal or business information.
Staff should know exactly what information is needed when logging on to private networks, as well as what information customers need from you.
The social media scamming industry is worth almost $50 billion today, so it pays to ensure your staff is trained, aware and up-to-date.
3. Internet of Things (IoT)
The Internet of Things (IoT) is the future, especially for the supply chain.
IoT, for the unaware, is the interconnected functioning of key infrastructure, key technology, and 'things' that work together to create a smoothly functioning 'smart city'.
In practical terms, this means that your car can communicate with the road networks to warn of traffic and emissions excesses, while planes can commicate with trucks to optimize loading times.
IoT has massive potential, yet with that comes great risk, whereas cybercriminals could once hold a whole organization to ransom, now they could theoretically hold a whole city to ransom.
According to software experts Symantec, IoT devices already experience an average of 5,200 attacks per month, so it pays to be prepared.
How to Defend Your Company
Much like social media, let's start with the basics, you must change passcodes regularly - note here we're saying 'passcodes', not 'passwords'.
The days of having your treasured pet or hometown as a passcode are gone, now you need ever-evolving codes with numerals, letters and special characters in seemingly random assortment to stay safe.
Secondly, with anything that's interconnected to wider infrastructure, you need to ensure all cybersecurity software is cutting-edge and that technical updates to systems are made regularly.
It may also pay to have an in-house security expert watching your operation 24/7, or at least a consultancy firm that can overlook your operation at regular intervals and warn of areas that could be exploited by cybercriminals.
Read more: Maersk to Revolutionise e-Commerce in India