Supply Chain Scanner - Week of July 28, 2025

Weekly blog by Emily Atkins

Is your cyber security up to date?

In May this year, the Canadian Centre for Cyber Security (Cyber Centre) issued a cyber security alert in conjunction with the United States’ National Security Agency (NSA) and multiple international partners.

Russian state-sponsored cyber activity is targeting Western logistics providers and IT companies, particularly those involved in delivering foreign assistance to Ukraine. Known targets of the attacks include government organizations and commercial entities in NATO member states and Ukraine, as well as international organizations. Transportation and transportation hubs, such as ports and airports, the maritime sector, and air traffic management, are the primary targets, along with the defence industry and IT services.

The campaign uses a mix of tactics, techniques and procedures (TTPs), including password spraying (attempting to access large numbers of accounts with a few commonly used passwords), spearfishing (impersonating trusted sources to trick individuals into divulging sensitive information or installing malware), and modification of Microsoft Exchange mailbox permissions.

The advisory warns executives and network defenders at logistics providers and technology companies to be aware of the increased threat and adjust their cyber security posture with the presumption that they are being targeted. The U.S. government has posted a comprehensive document with guidance for IT professionals on how to avoid these attacks.

The attackers in this campaign have successfully gained access to transportation company networks and obtained sensitive information on shipments, including all the details on a manifest. They have also been able to gain access and control of private surveillance cameras at border crossings and storage yards.

The threat to supply chain operations from cyber attacks is not new and is not going away. Supply chain operations are susceptible thanks to the large volume of digital information that changes hands for every move. And, because supply chain transactions depend on the security of every partner in the chain, a supply chain’s cyber security is only as strong as the weakest link. If one supplier becomes compromised, an attacker can gain access to the entire supply chain.

The cost of cyber attacks in Canada is substantial, with data breaches averaging $6.32 million per incident, according to the Canadian Cyber Threat Exchange (CCTX). Total spending on recovery from cyber security incidents has also doubled, increasing from $600 million in 2021 to $1.2 billion in 2023.

According to the Cyber Centre “Cyber threats propagate through digital information transfer, meaning supply chains provide an extended attack surface against Canadian organizations and an alternative for cyber threat actors to direct action against an organization’s networks. We assess that supply chains will almost certainly continue to be targeted by threat actors in the near term.”

That aligns with the results of a new study conducted by Fortinet, which surveyed professionals in transportation, health care and energy from around the world, including Canada. They found that 11 percent of Canadian respondents reported more than six intrusions in the past year.

Fortunately, awareness of the threat is a good starting place for prevention. According to Fortinet, adopting cybersecurity best practices is yielding benefits. There has been a decline in business email compromise and a sharp rise in threat-intelligence integration, which jumped by 49 percent since 2024. The report also notes a trend toward vendor consolidation, with 78 percent of organizations now using just one to four vendors for operational devices.

And it seems that operational cyber security is moving up the chain of command. In Fortinet’s survey, 52 percent of respondents say their organization’s CISO or CSO is now responsible for operational technology (OT) security, up from 16 percent in 2022, and 80 percent of organizations said they plan to move cyber security into the CISO’s area of responsibility within the next year.

Specific defences against cyber attacks will depend on a wide variety of factors like the size of your organization, the scope of activities and the types of information technology being used. The Cyber Centre offers a trove of information and resources for companies seeking to improve their cyber security processes. The online document “The cyber threat from supply chains” offers a comprehensive review of threats and responses with case studies, and includes (near the bottom of the page) a set of guides for companies of various sizes.

A final word from the Cyber Centre: “Organizations should maintain a robust supply chain integrity program and ensure that their suppliers are adhering to supply chain integrity and security best practices.” Definitely easier said than done, but given the potential costs of a breach, it’s a worthwhile endeavour.

Join the conversation on Canada’s Logistics Community forum!

Emily Atkins
President
Emily Atkins Group

Emily Atkins is president of Emily Atkins Group and was editor of Inside Logistics from 2002 to 2024. She has lived and worked around the world as a journalist and writer for hire, with experience in several sectors besides supply chain, including automotive, insurance and waste management. Based in Southern Ontario, when she’s not researching or writing a story she can be found on her bike, in a kayak, singing in the band or at the wheel of her race car. LinkedIn: https://www.linkedin.com/in/emilyatkinsgroup/