Liberty Cyber Solutions

Supply Chain Attack

Cybersecurity | David Santoso

Russia’s invasion of Ukraine, which cut off exports from Ukraine and put Russian businesses under sanction, has set off a series of new supply-chain bottlenecks. So has a surge in Covid cases in China, which has led to temporary lockdowns in parts of the country. On top of this, key suppliers and manufacturers are being targeted by supply chain attacks, which could also seriously impact production when they go down.

On June 25, TB Kawashima, part of the Japanese automotive component manufacturer Toyota Boshoku of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack.

The incident announced by TB Kawashima is the second one this week. A subsidiary of the Japanese car and motorcycle hose maker Nichirin was hit by a ransomware attack on June 14.

In March, DENSO was hit by the Pandora ransomware gang. The company is one of the largest suppliers of automotive components.

And in February, Toyota Motors suspended car production in 14 of its plants in Japan because one of its suppliers of plastic components suffered a cyberattack.

Supply chain attacks can damage organizations, individual departments, or entire industries by targeting and attacking insecure elements of the software supply chain.

A software supply chain consists of:

  • Elements of the software development lifecycle (SDLC) process, including build systems, development, and testing environments
  • Open source or third-party software used as components in enterprise software
  • Open-source platforms used directly by enterprises – such as WordPress or Magento
  • Vendors providing professional services, consulting, or development services
  • Partners who store or process data on behalf of the enterprise
  • Cloud services (including IaaS, PaaS, and SaaS)
  • Past suppliers of the enterprise who still hold company data or access to IT systems

It is common for companies to make data available to third parties, but this must be done with due consideration. The more people who have access to data, the harder it becomes to control and mitigate threats. When starting to address supply chain security, it is important to conduct an audit and determine the current situation (who has access and what they are doing with the data) and use this information to limit data access.

This is especially important for third-party vendors, who are often targeted by hackers because their security controls are typically less robust than those of the enterprise. When choosing a vendor, consider its cybersecurity framework, perform due diligence, and adjust accordingly the types of data it can be exposed to.

One approach to sharing data with vendors is a “one-way feed”—in which data required for a specific vendor is shared with them, and only with them, precisely when they need it. The enterprise can use data masking to reduce the sensitivity of the data and ensure that the vendor disposes of data after it is no longer needed.
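The one-way feed described above, sketched as an added example that is not part of the original article: each vendor gets only allow-listed fields, sensitive values are masked before export, and the feed carries a disposal date. The records, the vendor policy, the key and all function names are constructed for illustration, and keyed HMAC pseudonyms are one masking technique chosen here, not one the article names.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Constructed sample records (not real data).
CUSTOMERS = [
    {"id": 1001, "name": "Aiko Tanaka", "email": "aiko@example.com",
     "card": "4111111111111111", "order_total": 182.50},
    {"id": 1002, "name": "Ben Ortiz", "email": "ben@example.org",
     "card": "5500005555555559", "order_total": 64.00},
]

# Hypothetical per-vendor policy: field -> treatment. Unlisted fields are never sent.
SUPPORT_VENDOR = {
    "fields": {"id": "pseudonym", "name": "clear",
               "email": "mask_email", "card": "last4"},
    "retention_days": 30,
}

def pseudonym(value, key):
    """Keyed, stable token: the vendor can join rows but cannot recover the id.
    The key stays with the enterprise and is never part of the feed."""
    return hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()[:16]

def mask_email(value, key=None):
    """Keep the first character and the domain, hide the rest of the local part."""
    local, _, domain = value.partition("@")
    return local[:1] + "***@" + domain

def last4(value, key=None):
    """Replace everything except the last four characters."""
    return "*" * (len(value) - 4) + value[-4:]

TREATMENTS = {"clear": lambda v, key=None: v, "pseudonym": pseudonym,
              "mask_email": mask_email, "last4": last4}

def build_feed(records, policy, key, today):
    """Build one vendor's feed: allow-listed, masked, stamped with a disposal date.
    An unknown treatment or a missing field raises KeyError, so the export fails closed."""
    rows = [{f: TREATMENTS[t](rec[f], key) for f, t in policy["fields"].items()}
            for rec in records]
    dispose_by = today + timedelta(days=policy["retention_days"])
    return {"dispose_by": dispose_by.isoformat(), "rows": rows}

if __name__ == "__main__":
    print(build_feed(CUSTOMERS, SUPPORT_VENDOR, b"constructed-demo-key", date(2022, 7, 1)))
```

The disposal date is only a marker in the data; the vendor's obligation to delete by that date still has to be set out in the contract and checked.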

SHIELDS-UP

Cybersecurity researchers reported that there were 623 million ransomware attacks, or 1.7 million attacks per day - a growth of 105% globally in 2021. The[...]