Editor’s Note: This is Part 1 of a 3-Part series.

Envision an early morning at 7:23 a.m. in the near future. Your phone rings with an urgent call from your IT support lead. The team is flooded with reports of system failures. You run the normal processes to try and reboot.

You then get a call that a ransomware message has been found, reminiscent of the high-profile 2020 incident at the Texas Department of Transportation (screenshot below). This scenario is becoming increasingly common, especially for companies with significant roles in the economy, like those in the distribution industry.

The risk of a cyber attack will only grow as bad actors utilize good technology to do their bidding. Additionally, the impact of these threats extends beyond simple data breaches; they are capable of halting and disrupting entire business operations.

Profit Optics has been providing data and software solutions to the distribution industry for decades. In our work, we have collaborated with many different IT teams as we have deployed software and infrastructure on their behalf. 

Our assessment is that in general, distribution, as an industry, is largely underprepared for cyber events.  

This is the first in a series of articles in which the purpose is to provide the knowledge and resources distribution companies need to better react to and prevent cyber threats. The series will cover the following topics:

1. Navigating the Cyber Threat Landscape
2. Fortify Against the Cyber Attack Onslaught (because it’s not a matter of if, but when)
3. When the Cyber Attack Happens to You

Navigating the Cyber Threat Landscape

Just like in the event at the start of this article, distributors today are confronting an extraordinary spectrum of cyber threats. More and more in the news, including in articles shared on MDM, distribution companies are dealing with the reality of not just the cyber threats, but the cyber events that occur as the threat becomes an active attack.

As always in human history, good technology will be put to bad use.

The threat landscape is constantly evolving, and the will to survive of criminals and bad actors is strong. By the time you read this article, there are likely new advances in technology that are being used to threaten organizations, including your own.

The first step in navigating the cyber threat landscape is to be constantly aware of the evolving threats.

Commonly known threats include: Denial-of-Service attacks, ransomware, data breaches, compromised emails, supply chain attacks and intellectual property theft. As organizations continue to go “digital first,” the attack vectors that can be exploited will grow.

The distribution industry is a significant target for these attacks given the increased adoption of technology and tools in all parts of the organization. When it was just boxes, warehouses, paper and relationships that ran distribution companies, the main threat was physical damage, i.e. fire and water.

When all of those core elements are tied up in technology solutions, threats move to more sophisticated methods. These threats are not just about data breaches; they are about disrupting and halting business operations.

Distribution companies will continue to need to look at security positions such as a chief information security officer or chief cybersecurity officer given the importance of securing and managing the digital assets of organizations.

It is difficult to estimate the total cost of cyber incidents on U.S. businesses. CISA’s report from 2021 provides an overview of various studies that put that cost anywhere between $1 billion to as high as a few hundred billion dollars per year. Per-incident estimates are more telling as they range from a few hundred thousand to a few hundred million, indicating that companies of various sizes are being impacted.

The Evolving Landscape of Cyber Threats

While ransomware and attacks aren’t new, they are happening more often — and we don’t see that slowing down. Here are a few reasons why this is, and will, continue happening. 

• Increased Frequency and Sophistication: Bad actors are adopting newer and more advanced technology to do their bidding. For instance, the NotPetya attack in 2017, which initially targeted Ukrainian businesses, ended up causing global disruption, affecting major companies like Maersk and Merck, showing how interconnected vulnerabilities can lead to widespread damage.
• Supply Chain Infiltration and Manipulation: Cybercriminals can infiltrate the supply chain at multiple points, manipulating inventory data, shipment schedules or product information. This can lead to financial losses, operational disruptions and compromised product integrity.
• Cloud Storage Breaches: As wholesale distributors increasingly rely on cloud storage for data management and analytics, the risk of data breaches in these platforms rises. Ensuring secure cloud environments and managing access controls becomes crucial.
• eCommerce Platform Attacks: For distributors with eCommerce platforms, threats include website hacking, customer data theft and fraudulent transactions. Secure payment processing and website security are key to protecting both the distributor and their customers.
• Business Email Compromise and Phishing: BEC attacks involve cybercriminals impersonating company executives or partners to initiate fraudulent wire transfers or steal sensitive information. Phishing attempts can trick employees into divulging login credentials or downloading malware.
• Ransomware Menace: The distribution sector is particularly susceptible to ransomware attacks, which can lock out critical data and more importantly the ability to transact. A notable example is the 2020 attack on logistics giant Toll Group, which led to significant disruption in deliveries and freight services.
• Third-Party Vulnerabilities: Many breaches occur through third-party vendors, a significant risk for distributors with extensive supplier networks. The 2013 Target breach, initiated through an HVAC vendor, highlights the dangers of third-party vulnerabilities.
• Open Source Risks: Increased use of open source software has been accompanied by new and heightened security concerns. Its open nature means that the source code is accessible to everyone. This accessibility can lead to a faster identification of security flaws compared to proprietary software, but is also exposing the software to potential attackers who can study it to exploit vulnerabilities or make contributions that can pose a risk, as malicious code can be inserted without thorough review.
• Insider Threats: Disgruntled or negligent employees can pose a substantial internal risk. For example, in 2018, Tesla faced an internal sabotage incident where an employee maliciously altered the company’s manufacturing operating system. Further back, a former contractor who maintained Grainger’s computer servers for its industrial vending machines network hacked into those servers in July 2016 and gained access to the Grainger inventory management program that then supported about 18,000 customers throughout the U.S. and intentionally damaged the data within.

A Call to Action for Distributors

The distribution industry stands at a crossroads, confronted with an array of complex and unpredictable cyber threats. In this digital age, leadership teams must do more than just be aware of these challenges; they must actively engage in developing robust cybersecurity strategies. Understanding the multi-dimensional nature of cyber threats — sophisticated ransomware, third-party vulnerabilities, open source risks and internal threats — is essential in knowing the enemy and fortifying defenses to protect critical operations. 

This approach requires proactive engagement, continuous learning and adaptation to the evolving cyber landscape. By doing so, you not only safeguard your operations for your employees and shareholders but also strengthen your position as pivotal, reliable and secure links in the global supply chain.

Stay tuned for Parts 2 and 3 of this series.