supply chain (21)

10732913864?profile=RESIZE_400xThe Port of Los Angeles has been making headlines after sharing an eye-opening statistic; the port faces around 40 million cyber-attacks per month.  As the busiest port in the western hemisphere handling $250 billion of cargo each year this astounding number of attacks could wreak havoc on the supply chain and international commerce.

The number of attacks has more than doubled since the beginning of the Covid-19 pandemic. The pandemic has also impacted the port’s efficiency as workers were force

10672047278?profile=RESIZE_400xGPS, or Global Positioning Systems, have become a staple of our lives – especially in the transportation sector.  Whether you are broadcasting your location for a rideshare or trying to find the quickest way to avoid traffic on your commute it seems that paper maps and printed directions have become a thing of the past.  It comes as no surprise that the more we rely on interconnected devices the more susceptible to cyber attacks we become.   This is exemplified through the Cybersecurity & Infras

10532607858?profile=RESIZE_400xBoth public and private maritime industries within the entire transportation supply chain is finally getting up to speed with cyber security.  The Port of Long Beach in California is poised to build its “Supply Chain Information Highway” digital infrastructure on the Amazon Web Services platform, following a new agreement with the online retail giant.

This “Information Highway” is being created to aggregate data collected at the port on a single platform for access by companies across different

10482542089?profile=RESIZE_400xThe supply chain provides the framework for the modern transfer of goods.  Logistics play a pivotal role from the acquisition of raw materials to the delivery of a final product to the end user.  Generally, the raw materials are transported to a supplier, who then transports the materials to a manufacturer.  The manufacture creates a finished product that is then distributed to either a retailer or warehouse where the product is either sent to or carried out by the consumer.  Pictured below is a

10145990287?profile=RESIZE_400xLogistics and freight forwarding giant Expeditors International announced a cyber-attack on 20 February that crippled some of their operating systems and continues to slow their operations around the globe.  The Seattle-based freight company, which brought in $10.1 billion in revenue last year, said they shut down most of their operating systems globally after discovering the cyber-attack.  "The situation is evolving, and we are working with global cybersecurity experts to manage the situation.

10081106298?profile=RESIZE_400xMerchant tanker and barge shipments in and out of Europe’s biggest oil hub have been delayed by up to a week as four storage companies work to resume operations after cyber-attacks.  Since the end of last week, storage company Oiltanking and oil trading firm Mabanaft, both owned by Germany’s Marquard & Bahls, have been hit by hackers.  Belgium’s SEA-TANK and Dutch fuel storage firm Evos have also been affected.

The companies have had to suspend some operations, affecting oil flows in the Netherl

9984343865?profile=RESIZE_400xCyber security investigators have reported that replicable attacks and a low barrier to entry will ensure the rate of supply chain attacks increases in 2022.  The supply chain is a consistent attack vector for threat actors today. By compromising a centralized service, platform, or software, attackers can then either conduct widespread infiltration of the customers and clients of the original singular victim or may choose to cherry-pick from the most valuable potential targets.  This can save cy

9984308887?profile=RESIZE_400x

US Department of Agriculture (USDA) analysts have reported that China, with less than 20% of the world's population has managed to stockpile more than half of the globe's corn and other grains, leading to steep price increases across the planet and dropping more countries into famine.  COFCO Group, a major Chinese state-owned food processor, runs one of China's largest food stockpiling bases, at the port of Dalian, in the northeastern part of the country.  It stores beans and grains gathered fr

9933273901?profile=RESIZE_400xUnless you have been living in a cave, everyone knows that supply chain issues and delays are widespread and affect many industries.  For small businesses, it is even worse.  Large companies, including major retailers, are using their own shipping to get needed supplies and inventory in time.  Whether you have a retail outlet or an e-commerce store, it can be a challenge to keep popular items stocked and deal with impatient customers.  Here are some ways you can prepare for these challenges and

9739418301?profile=RESIZE_400xMicrosoft has teamed up with Intel and Goldman Sachs to push for hardware security improvements that could help to mitigate supply chain risks.  Working under the auspices of the non-profit Trusted Computing Group (TCG), the companies have created a new Supply Chain Security workgroup that will aim to bring in experts from across the tech sphere.

The TCG argued that malicious and counterfeit hardware is particularly difficult to detect as most organizations don’t have the tools or in-house knowl

9404982272?profile=RESIZE_400xSupply chain networks have for some time been driven by technology over the years and have evolved accordingly.  The same technologies that make supply chains faster and more effective also threaten their cybersecurity. Supply chains have vulnerabilities along touchpoints with manufacturers, suppliers, and other service providers.

With constant global cyber threats, it is vital that companies involved in the supply chain understand risks and how to respond to them.  So, what is the best way to p

9271222487?profile=RESIZE_400xA recent cyber security blog by researcher Maahnoor Siddiqui, he provides a clear picture of the threats and vulnerabilities in the Transportation supply chain.  A concern shared by Red Sky Alliance.  Our 40-minute commute to work in the morning can feel like an insular event.  Whether it is by bus, train, ferry, or car; it can be hard to place this single event within the vast network of transit that occurs every day.  These small personal journeys make up a highly interconnected transportation

8929187069?profile=RESIZE_400xActivity Summary - Week Ending 14 May 2021:

  • Red Sky Alliance observed 78 unique email accounts compromised with Keyloggers
  • Analysts identified 23,596 connections from new unique IP Addresses
  • 1,802 new IP addresses are participating in various Botnets
  • COVID-19 Lures Continue
  • RotaJakiro
  • Lemon Duck
  • Colonial Pipeline and DarkSide
  • US – Oil Supply Chain Repercussions
  • Belnet hit in Belgium
  • Rubin Design Bureau, Russian DIB
  • BoA upping Cyber Security Budgets
  • The “new” Normal, is it?

Link to full report:

8910810901?profile=RESIZE_400xThe U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.

The guidance released 28 April 2021, "Defending Against Software Supply Chain Attacks," offers recommendations on how to implement the NIST Cyber Supply Chain Risk Management Framework and the Secure Software Development Framework. "This resource provides in-depth re

8824223077?profile=RESIZE_400xThe US government is working to draw attention to supply chain vulnerabilities, an issue that received particular attention late last year after suspected Russian hackers gained access to federal agencies and private corporations by sneaking malicious code into widely used software. 

The US National Counterintelligence and Security Center (NCSC) recently warned that foreign hackers are increasingly targeting vendors and suppliers that work with the government to compromise their products in an e

8266337488?profile=RESIZE_400xAs the Covid virus marches on, many are seeing the light at the end of the tunnel.  Each day brings us a little closer to the approval and distribution of COVID-19 vaccines in the US, UK and close in many other countries.  According to the US Health and Human Services (HHS) Secretary Alex M. Azar II, officials with Operation Warp Speed (OWS) report that 20 million doses of the COVID-19 vaccine could be distributed this month.  ”We are planning to be ready when [an emergency-use authorization by

7962214498?profile=RESIZE_400xThe current US administration is signaling it will be updating the US government’s approach to its maritime cybersecurity strategy.  Cyber security priorities are being discussed to enhance and secure the US’ ability to ‘project power at sea and defend against adversarial cyberattacks.’  The plan involves a re-examination of the national approach to information sharing and better emphasizing the use of operational technologies in ports. 

Hackers at all tier levels have long targeted shipping fir

7812469654?profile=RESIZE_400xClose to 90 percent of all commerce is shipped via maritime transportation.  Lloyd’s of London report combined container throughput figures regarding the top 100 international ports grew by 2.5 percent in 2019.  Splash247 has posted an interesting article explaining that the Chinese government may be toying with supply chain data systems, creating concerns in maritime transportation. 

“There has been progress within the maritime and shipping sector in creating a digital maritime ecosystem that i

6325083890?profile=RESIZE_400xThere is a Russian saying that rings true in protecting entities against cyber threats, “I am not concerned about all of the wolves in Siberia, I am only concerned about the wolves that are now chasing my sleigh.”  The world is full of cyber threats, hackers and state sponsored cyber terrorists who are targeting governments, businesses, and organizations.  The way Red Sky Alliance can help the maritime industry and its supply chain is to focus on the cyber threats directly targeting a specific o

3724012340?profile=RESIZE_710xChina Coverage of Report on the Cyber Vulnerabilities of Asian Ports

SUMMARY

Nanyang Technological University in Singapore has just released a report examining the economic losses expected if Asian port systems, including several in China, were subjected to a major cyber-attack.  This report did not assess the cyber vulnerabilities of Asian ports but rather postulated a major attack in order to calculate economic impact, with a focus on losses in the insurance industry.  The report concluded tha