Protecting Supply Chain Operations from the Next Cyber Threat

The interconnections between devices and technologies can be complex, expensive and sometimes risky.

monsitj/Adobe Stock

It’s no secret that supply chains have evolved significantly — even breathtakingly — and will continue to do so, as will the need to improve supply chain efficiency and security. Modern warehouses and distribution centers feature state-of-the-art smart devices, including smart conveyors, sensors, cameras, robots and cobots (collaborative robots). And here’s the rub: the interconnections between all these devices and technologies can be complex, expensive and sometimes risky.

From the standpoint of Industrial Internet of Things (IIoT), the big-picture objective is to enable customers to combine data from Internet of Things (IoT) devices with data from operations technology to solve operational inefficiencies and issues impacting supply chain providers, distribution and fulfillment.

It’s about improving supply chain efficiency and security and, specifically, enabling customers to easily cross-connect applications with new systems with a low technical gap, and to automate their IIoT hardware and warehouse processes quickly to optimize workflow operations.

Hackers on offense vs companies on defense

The use and diversity of unmanaged IoT devices in enterprises expands every day and across every industry. This in turn creates new security exposures and broadens the attack surface. From a security standpoint, it’s all about exposure management — understanding your vulnerabilities and weaknesses and whether you have the mechanisms in place to respond and recover.

A hacker’s offensive game plan often starts with reconnaissance. How? There are around 10-15 open-source tools available to obtain a list of all IoT systems exposed to the internet.

IoT devices are administered through Human Network Interfaces (HNIs). When looking into IoT-based attacks, the HNIs are one of the main causes of the disruption because these interfaces are often configured incorrectly. They’re also browser-enabled and can be accessible from anywhere on the internet.

Attackers build upon this list of exposed IoT devices by identifying who the IP addresses are attributed to. Perhaps it’s a gigantic oil company that also has huge natural gas and petrochemical operations. Or maybe a medical enterprise. Or perhaps a large organization with technology, healthcare and aerospace operations. The short of it is, once the reconnaissance is done, cybercriminals can quickly list or enumerate each exposed device and then look for vulnerabilities. The attackers then search for known exploits and simply launch an attack. That’s how straightforward an attacker’s offensive strategy is.

Knowing what you have is half the battle

A company’s defensive effort is where it all gets very interesting. Let’s face it. An attack is guaranteed. Anyone claiming otherwise is daydreaming. So, it pays to be proactive, which starts with discovery. Determining what assets or endpoints you have (the scanners, rugged mobile computers and operating system layers) and where they all are in the supply chain is half the battle. And, what are the vulnerabilities that come with them?

This is where the convergence of IT and IIoT comes into play, along with the foundational concept of discover, enumerate and understand your exposures (DEE); in other words, understanding the things that can go wrong:

  • Endpoints or end devices placed in the field.
  • Weaknesses in the software you’ve installed.
  • Cyber-hygiene, missing patches and proper patch configuration.
  • The controllers, operating systems, software and middleware on the edge.

The more quickly you gain visibility and a clearer understanding of risks and exposures, the faster you can structure the most appropriate defensive framework. Again, it’s about the convergence of IT and IIoT. And, the starting point to arrive at greater productivity securely is DEE.

Another key security consideration in the world of supply chain is segmentation. If one of your suppliers gets attacked, will those attacks spread to your entire supply chain? What you don't want is collateral damage.

It’s worth putting into perspective that very few people in the world understand industrial systems and there is a lack of security expertise within the world of IIoT. So, tapping outside expertise to help build the capability for response and recovery is essential. It takes time and investment. Any organization already running a massive IIoT system would be wise to have the teams in place that are ready for instant response and recovery.