Cyber attacks in the supply chain

Cyber attacks in the supply chain

During August we’ll be discussing resilience under the ‘Secure Supply Chain, Transport and Logistics’ theme.

In this article, our Supply Chain Security Lead, Stewart Hurry, discusses cyber attacks in the logistics sector.

The haulage and logistics sector is just like any other sector and vulnerable to cyber-attacks and system hacking.

One of the most significant recent attacks took place on 27 June 2017 when the shipping giant A.P. Moller Maersk fell victim to a global malware attack known as ‘NotPetya’ also referred to as ‘ExPetr’.

Online cargo booking was consequently impacted, forcing staff to use personal email accounts and WhatsApp to respond to critical emails.

As key processes relied predominantly on IT systems, personnel were forced to resort to manual processes. It took almost one week for all services to resume and for the shipping firm to regain total control of its systems.

A costly impact

Maersk has since revealed the attack caused congestion in as many as 80 ports operated by APM Terminals and cost the company as much as 300 million dollars. Estimates suggest the global ransomware attack resulted in losses of at least 850 million dollars, with predictions of future attacks to be in the billions as economies increasingly rely on IT infrastructure.

In addition to the requirement to comply with the GDPR regulations, there is the EU Directive on Security of Network and Information Systems (NIS Directive), which is aimed at enhancing and strengthening cyber security in order to minimise the impact on the provision of critical services.

The NIS Directive applies to sectors and businesses that operate in critical industries including transportation which extends to maritime carriers and ports.

The extent of the impact will depend on individual member states who will set individual guidelines and penalties for non-compliance. For example, in the UK, organisations deemed as non-compliant can be fined a maximum of 17 million pounds (approximately 24 million dollars).

In order to avoid this, UK organisations will need to be audited against 14 principles issued by the National Cyber Security Centre (NCSC).


While patches and updates for vulnerabilities become available, cyber criminals still seek to find new vulnerabilities to exploit, thereby posing an enduring and adaptable threat. Further still, the increased sale of DDoS-as-a-service or malware-as-a-service on the dark web means that with limited technical capability, individuals can purchase malicious software and execute complex cyber-attacks – undoubtedly contributing to a year-on-year rise in the number of cyber-attacks.

Ultimately, despite evolving cyber threats, the main vulnerability of attack lies in human error. While humans are largely the cause, they too are ultimately the answer to managing cyber risks. Within the shipping and logistics sector, personnel have been notably targeted in social engineering attacks.

Such incidents involve the manipulation of people into sharing confidential information or performing specific actions, including transferring payments into different accounts.

The extent to which an attacker can breach a company operating system depends on the size of the vulnerability being exploited and the chosen method of attack. Depending on the significance of the breach, a perpetrator may be able to affect the system’s operation, gain access to commercially sensitive data and/or gain full control of systems.

The motives, objectives and capabilities of the attacker will determine the effect they have on company systems and data. An attacker may explore systems, expand access and ensure they are able to return to the system in order to access commercially sensitive or confidential data, and/or disrupt operations of the company systems.

Technology increases threat

The logistics industry continues to demand greater interconnectedness. Incidents recorded to date have led to significant quantifiable financial losses, however, it is harder to identify losses resulting from reputational damage, where recovery can be complex or difficult.

Further still, significant attacks targeting port facilities, onshore offices, 3PL company systems, despatch document systems, compliance procedures and many more, can lead to extensive disruption to operational continuity.

As the industry embraces technology, the exposure and threat continues to grow, and therefore with every process in the logistics industry that is automated and digitised, risk assessments need to be carried out to mitigate against potential new threats and vulnerabilities posed by these evolving cyber threats.

Mitigating the cyber threat can be daunting but help is at hand. SBRC through their cyber experts, ethical hacking team and the Curious Frank services can provide advice, guidance and support to implement preventative strategies to minimise the risk from cyber attacks but also to maximise your response and speed your recovery.

If you need any assistance please contact Stewart Hurry, Supply Chain Security Lead or for cyber support, email  

*Some of the information contained in this article is reproduced courtesy of the Risk Focus: “Cyber Considering threats in the maritime supply chain” report with kind permission of TT Club.

Related News

Member Log-In

Welcome to the SBRC Members Lounge, login details will be issued to members in due course.

Forgot password?