In an era where organizations increasingly rely on a web of suppliers and partners, the entry points for malicious actors multiply, making supply chain security essential. Recent events, like the CDK Global cyberattack, have highlighted the vulnerability of digital supply chains to cyber threats.
Here we examine what happened in the CDK Global incident, explore the rise of supply chain cyberattacks, and offer strategies to mitigate these risks.
Overview
On June 19, 2024, CDK Global, a software-as-a-service platform that provides a full suite of applications to manage a car dealership’s operation, was hit by a massive cyberattack. The incident forced the software giant to shut down its systems to prevent further damage, and just as recovery attempts began, a second breach occurred, exacerbating the disruption. The attack vectors used in these breaches likely involved a combination of phishing and exploiting software vulnerabilities.
Response
Following the attacks, CDK Global activated its incident response plan, shutting down systems, phones, and applications to prevent further spread. The company also worked with law enforcement and cybersecurity experts to investigate and mitigate the incident. Despite these efforts, the attack caused major disruptions at roughly 15,000 dealerships, with estimated losses exceeding $940 million.
Several factors contribute to the growing incidence of supply chain cyberattacks.
1. Increased Interconnectivity: The increasing complexity and interdependence of supply chains broaden the attack surface and create numerous entry points for cybercriminals. Each supplier and partner represents a potential vulnerability that can be exploited.
2. Lack of Security Measures: Many organizations and their suppliers may not have adequate cybersecurity measures in place, making them easy targets for attackers.
3. Third-Party Vulnerabilities: Third-party vendors often serve as the weakest link in the security chain, and cybercriminals frequently exploit vulnerabilities in third-party systems to gain access to larger networks. These breaches are particularly concerning because they can occur even if the primary organization has strong cybersecurity defences.
4. Data and Intellectual Property Theft: Supply chain cyberattacks are not limited to disrupting operations. These attacks often target sensitive data and intellectual property, which are subsequently sold or used to gain a competitive edge.
To combat the rising threat of supply chain cyberattacks, IT and cybersecurity professionals need to adopt a multifaceted approach.
1. Develop a Cybersecurity Framework: A proper cybersecurity framework will provide a set of rules and practices to defend against cyber threats. It should include guidelines for securing the entire supply chain, from partners to customers.
2. Implement Vendor Risk Management Programs: Organizations should conduct thorough risk assessments of their suppliers and ensure they have proper cybersecurity measures in place. It is important to regularly review these assessments and address any identified vulnerabilities.
3. Cybersecurity Awareness and Training: Employees at all levels must be educated about potential cyber threats and trained on how to identify and respond to suspicious activities. This will help prevent human error from leading to a successful attack.
4. Collaboration: Sharing security strategies and maintaining transparency are vital. Regular engagement with suppliers reinforces security standards and aligns them with organizational policies, ensuring a unified cybersecurity approach.
5. Incident Response and Business Continuity Plans: Having an incident response plan and business continuity strategy in place can help mitigate the damage caused by a cyberattack. This includes regularly backing up data and having contingency plans to ensure minimal disruption to operations.
The CDK Global cyberattack serves as a stark reminder of why organizations, especially those with sensitive data and interconnected systems, become prime targets. It underscores the crucial need for robust supply chain security.