
Introduction
Cyber threats targeting supply chains have raised concerns for businesses across industries. As businesses continue to grow their reliance on third-party vendors, cloud-based services and global logistics networks, cybercriminals are leveraging vulnerabilities within these interconnected systems to launch attacks. By first breaching undetected security gaps at third-party vendors, attackers can establish a foothold and exploit these weaknesses to penetrate the networks of primary business partners. From there, they move laterally through critical systems, eventually gaining access to sensitive data, financial assets, intellectual property, and even operations management.
Recent prominent breaches, like the 2024 ransomware attack that hit Change Healthcare, one of the world's largest health payment processing companies, show how attackers can disrupt supply chain businesses. In that attack, they stole protected health information (PHI) for up to 600 million patients. This incident was one of the most devastating cyberattacks on US critical infrastructure to date, and could have been prevented with simple multifactor authentication (MFA) on the targeted remote servers.
Unlike traditional cyber threats targeting a single organization, supply chain attacks leverage the weakest links within the business ecosystem. As businesses work to mitigate risk, it is important to understand the landscape of new threats, the most at-risk industries, and the security strategies needed to secure the supply chain. Furthermore, as the US implements new tariffs on foreign goods, businesses need to assess whether these trade policies introduce new cybersecurity challenges or mitigate existing risks.

New threats affecting the supply chain
Ransomware Attack: Ransomware has evolved into one of the most harmful cyber threats to supply chains. Attackers are increasingly targeting logistics providers, manufacturers and key suppliers, encrypting their systems and demanding large ransoms to restore operations. In 2024, CDK Global, a software provider for around 15,000 North American car dealers, was hit by a ransomware attack. The malware targeted personally identifiable information (PII) such as Social Security numbers, bank account details, and credit card data. Dealers were forced to return to manual operations for several days, if not weeks, using pen and paper and physically transporting automotive records to Department of Motor Vehicles (DMV) offices.
In April 2024, hackers uploaded malicious Visual Studio projects to GitHub and manipulated search algorithms to improve their visibility. These projects contain malware similar to the Keyzetsu clipper, designed to intercept and modify cryptocurrency wallet addresses copied to the clipboard, redirecting funds to the attacker.
Phishing attacks, stolen credentials and password leaks provide hackers with a pathway to infiltrate multiple organizations through a single compromised vendor. A vendor's weak security practices allow unauthorized access to critical systems, leading to data theft and operational disruption.
AI-powered Cyber Attack: Artificial intelligence has become the double-edged sword of cybersecurity. While businesses use AI to detect and defend against threats, cybercriminals leverage AI to automate phishing campaigns, bypass security controls, and identify vulnerabilities within supply chain networks. AI-driven attacks make it easier for hackers to avoid detection and increase the frequency and sophistication of cyber threats in the supply chain.
IoT and OT Exploits: Supply chain operations rely heavily on Internet of Things (IoT) and operational technology (OT) devices such as smart sensors, automated manufacturing equipment, medical devices, and connected logistics systems. However, many IoT and OT devices do not have robust security measures, making them an attractive target for hackers. Cybercriminals can exploit the vulnerabilities of these devices to launch distributed denial-of-service (DDoS) attacks, manipulate production processes, or gain access to enterprise networks.
Industries most affected
Manufacturing and Industry
Manufacturers rely on the global supply chain of raw materials, hardware components and logistics. Cyberattacks targeting Industrial Control Systems (ICS) and Enterprise Resource Planning (ERP) software can halt production, delay shipments, and lead to financial losses. Furthermore, intellectual property theft poses a great risk to this sector as hackers target sensitive trade secrets.
Healthcare and Pharmaceuticals
The healthcare industry relies heavily on third-party suppliers, wholesale distribution centers, R&D, lab equipment and chemical suppliers, hospitals and clinics, government buyers, and more. Healthcare organizations, and pharmaceutical companies in particular, need to manage one of the largest industry supply chains, filled with 10s, if not 100s, of vendors. Breaches within the healthcare supply chain can compromise patient data, disrupt hospital operations, and even affect the development and distribution of critical drugs. This was evident in the 2020 attack on the COVID-19 vaccine supply chain, which highlighted the vulnerability of the sector.
Retail & e-commerce
Retailers and e-commerce companies rely on logistics providers, payment processors and digital marketing platforms, all of which introduce third-party cyber risk. Cybercriminals target online checkout systems, warehouse automation tools, and supplier databases to steal payment information and personal customer data.
Energy and critical infrastructure
Power grids, fuel pipelines, transportation and water treatment facilities rely on complex supply chains involving multiple vendors and contractors. A cyberattack on a single supplier can disrupt the entire sector, as seen in the cyberattack targeting Ukrzaliznytsia, the Ukrainian state-owned railway company, in March 2025.
Banking and Financial Services
Since open banking first took off, banks and financial institutions have been working with numerous third-party service providers that access consumer banking data via APIs. Open banking was introduced to promote competition and innovation and to enhance customer control over financial data. It was launched in response to regulatory initiatives such as the EU's PSD2 (Revised Payment Services Directive) and the UK's CMA's Open Banking Regulations, aiming to break traditional bank monopolies, promote fintech growth and improve financial transparency and services. Supply chain breaches in this sector can expose sensitive financial data, disrupt banking and lead to massive fraud.
Proactive security strategies for supply chain protection
As global networks grow, businesses need to secure their own environment and to account for the risks posed by third-party vendors. This shift has forced organizations to move away from reactive incident response to proactive security strategies that predict, detect and neutralize threats before they cause disruption. As a result, cybersecurity is no longer just about responding to attacks. It is about predicting and preventing them to enhance supply chain resilience and ensure business continuity. Below are some security strategies that have been proven effective:
Continuous Threat Exposure Management (CTEM)
Organizations need to use the CTEM framework to proactively identify, validate, prioritize and mitigate supply chain security gaps. This approach continuously analyzes attack vectors to ensure a rapid response to emerging threats.
Continuous penetration testing and external attack surface management (EASM)
Automated pentesting can provide ongoing testing of vendor systems that helps to uncover vulnerabilities before cybercriminals exploit them. Attack Surface Management (ASM) tools allow companies to map and monitor all external-facing assets and reduce the risk of unknown exposure.

Regulatory compliance and standards
Enterprises should align their security strategies with industry regulations and standards such as NIST's Cybersecurity Framework, Cybersecurity and Infrastructure Security Agency (CISA) guidelines, and ISO 27001. Compliance with these frameworks ensures a baseline of security practices within the supply chain.
AI-driven threat detection
Using artificial intelligence for real-time threat detection and anomaly analysis can help businesses identify vulnerabilities within their supply chains that would not normally be discovered. AI-powered security tools analyze large amounts of supply chain data to detect suspicious activity and predict potential attacks.
The impact of US tariffs on supply chain cybersecurity
US tariffs on imported technologies, hardware, raw materials and software have an impact that goes far beyond economics. They also affect the security and resilience of critical infrastructure. As costs rise, businesses may be exposed to greater security risks as they search for alternative suppliers. These shifts in sourcing will introduce new vendors with a variety of security standards, increasing the likelihood of supply chain attacks.
Increased costs and shifting vendors: New tariffs on foreign goods may force businesses to change their suppliers. Vendors in different regions may have weak security protocols and require additional review and security assessment.
Reshoring and nearshoring trends: To reduce dependence on foreign suppliers, many US companies are reshoring (returning production back to the US) or nearshoring (moving operations closer to the US). This shift could reduce the risks associated with foreign supply chain attacks, but could also introduce new cyber threats related to domestic infrastructure security.
Regulation and compliance burden: New trade policies may require businesses to comply with additional cybersecurity regulations when procuring from certain regions. This can increase the costs of security compliance and risk assessment.
Potential risks of cyber espionage: Geopolitical tensions arising from tariff policies could drive more state-sponsored cyberattacks against US companies. Companies need to remain vigilant against attempted spying on trade secrets and supply chain data.
Conclusion
A secure supply chain is not just about protecting assets, but also about maintaining trust, resilience and operational stability. As cyber threats grow more sophisticated and supply chain dependencies increase, organizations taking a proactive security stance are better positioned to mitigate risk and maintain long-term growth. Now is the time to assess vendor relationships, strengthen defenses, and embed security in every stage of the supply chain lifecycle. The future belongs to those who not only respond to threats, but also predict them.