In January of this year, the National Cyber Security Centre (NCSC) urged UK organisations to bolster their cyber defences following a series of suspected cyber attacks in Ukraine. Worldwide, cyberattacks on businesses are becoming increasingly sophisticated and severe and it has long been clear that businesses must take action to stay ahead of the cyber threat.
The incidence of ransomware attacks in particular has risen in recent years, and all the signs indicate the increase in frequency and severity of this type of attack is set to continue. Our world, including its cold chain, is ever more reliant on connected systems and the potential for huge profit for the criminals is set against slim chances of being caught – many ransomware attacks are never reported.
A type of malicious software that prevents a business from accessing its own systems, ransomware can steal, delete or encrypt data and paralyse its target organisations. Businesses in supply chains are attractive targets to ransomware criminals as attacking one business creates disruption across the whole supply chain.
The impacts can be severe. Extended downtime, lost trade, reputational damage and loss of sensitive material can accompany the financial loss of paying the ransom if that is the decision taken. Afterwards, recovery involves a painstaking process of isolating infected files and systems and recovering data where possible.
Cold chain businesses can take steps to protect against ransomware attacks, conducting a threat analysis and ensuring the latest system updates and anti-virus systems are in place. Employees should be given information about spotting phishing scams, and Remote Desktop Protocol (the most popular vector for ransomware attacks) should be reviewed. Data should be backed up regularly and a robust data recovery plan put in place.
We explored the preventative action that businesses in our industry can take as part of our Cyber Security in the Cold Chain webinar in May. The panellists included experts from the NCSC who highlighted free resources available including the NCSC’s Cyber Essentials guide, which shows how businesses can protect against the most common internet threats; its Cyber Security Training for Businesses webpage which details a range of free e-learning courses; and its Board Toolkit which encourages essential cyber security discussions between the Board and their technical experts.
The NCSC’s Small Business Guide shows how to improve cyber security quickly, easily and at low cost, and the Small Business Guide to Response and Recovery helps prepare responses to a cyber incident. For larger businesses, 10 Steps to Cyber Security shows how to put a comprehensive cyber security risk management plan in place.
Particularly relevant for businesses in the cold chain, the NCSC also provides a Cyber Assessment Framework to support organisations responsible for vitally important services and activities. Find out more about these and other resources at www.ncsc.gov.uk/guidance.
Our webinar on cyber security in the cold chain also included discussions on how software and IT solutions can create effective front-line protection from cyber-attacks. Listen back to the full webinar at www.coldchainfederation.org.uk/events
Comments are closed.